//===----------------------------------------------------------------------===//
//
// This source file is part of the Soto for AWS open source project
//
// Copyright (c) 2017-2024 the Soto project authors
// Licensed under Apache License v2.0
//
// See LICENSE.txt for license information
// See CONTRIBUTORS.txt for the list of Soto project authors
//
// SPDX-License-Identifier: Apache-2.0
//
//===----------------------------------------------------------------------===//

// THIS FILE IS AUTOMATICALLY GENERATED by https://github.com/soto-project/soto-codegenerator.
// DO NOT EDIT.

#if canImport(FoundationEssentials)
import FoundationEssentials
#else
import Foundation
#endif
@_exported import SotoCore

/// Service object for interacting with AWS S3Control service.
///
///  Amazon Web Services S3 Control provides access to Amazon S3 control plane actions.
public struct S3Control: AWSService {
    // MARK: Member variables

    /// Client used for communication with AWS
    public let client: AWSClient
    /// Service configuration
    public let config: AWSServiceConfig

    // MARK: Initialization

    /// Initialize the S3Control client
    /// - parameters:
    ///     - client: AWSClient used to process requests
    ///     - region: Region of server you want to communicate with. This will override the partition parameter.
    ///     - partition: AWS partition where service resides, standard (.aws), china (.awscn), government (.awsusgov).
    ///     - endpoint: Custom endpoint URL to use instead of standard AWS servers
    ///     - middleware: Middleware chain used to edit requests before they are sent and responses before they are decoded 
    ///     - timeout: Timeout value for HTTP requests
    ///     - byteBufferAllocator: Allocator for ByteBuffers
    ///     - options: Service options
    public init(
        client: AWSClient,
        region: SotoCore.Region? = nil,
        partition: AWSPartition = .aws,
        endpoint: String? = nil,
        middleware: AWSMiddlewareProtocol? = nil,
        timeout: TimeAmount? = nil,
        byteBufferAllocator: ByteBufferAllocator = ByteBufferAllocator(),
        options: AWSServiceConfig.Options = []
    ) {
        self.client = client
        self.config = AWSServiceConfig(
            region: region,
            partition: region?.partition ?? partition,
            serviceName: "S3Control",
            serviceIdentifier: "s3-control",
            signingName: "s3",
            serviceProtocol: .restxml,
            apiVersion: "2018-08-20",
            endpoint: endpoint,
            serviceEndpoints: Self.serviceEndpoints,
            variantEndpoints: Self.variantEndpoints,
            errorType: S3ControlErrorType.self,
            xmlNamespace: "http://awss3control.amazonaws.com/doc/2018-08-20/",
            middleware: middleware,
            timeout: timeout,
            byteBufferAllocator: byteBufferAllocator,
            options: options
        )
    }


    /// custom endpoints for regions
    static var serviceEndpoints: [String: String] {[
        "af-south-1": "s3-control.af-south-1.amazonaws.com",
        "ap-east-1": "s3-control.ap-east-1.amazonaws.com",
        "ap-northeast-1": "s3-control.ap-northeast-1.amazonaws.com",
        "ap-northeast-2": "s3-control.ap-northeast-2.amazonaws.com",
        "ap-northeast-3": "s3-control.ap-northeast-3.amazonaws.com",
        "ap-south-1": "s3-control.ap-south-1.amazonaws.com",
        "ap-south-2": "s3-control.ap-south-2.amazonaws.com",
        "ap-southeast-1": "s3-control.ap-southeast-1.amazonaws.com",
        "ap-southeast-2": "s3-control.ap-southeast-2.amazonaws.com",
        "ap-southeast-3": "s3-control.ap-southeast-3.amazonaws.com",
        "ap-southeast-4": "s3-control.ap-southeast-4.amazonaws.com",
        "ca-central-1": "s3-control.ca-central-1.amazonaws.com",
        "ca-west-1": "s3-control.ca-west-1.amazonaws.com",
        "cn-north-1": "s3-control.cn-north-1.amazonaws.com.cn",
        "cn-northwest-1": "s3-control.cn-northwest-1.amazonaws.com.cn",
        "eu-central-1": "s3-control.eu-central-1.amazonaws.com",
        "eu-central-2": "s3-control.eu-central-2.amazonaws.com",
        "eu-north-1": "s3-control.eu-north-1.amazonaws.com",
        "eu-south-1": "s3-control.eu-south-1.amazonaws.com",
        "eu-south-2": "s3-control.eu-south-2.amazonaws.com",
        "eu-west-1": "s3-control.eu-west-1.amazonaws.com",
        "eu-west-2": "s3-control.eu-west-2.amazonaws.com",
        "eu-west-3": "s3-control.eu-west-3.amazonaws.com",
        "il-central-1": "s3-control.il-central-1.amazonaws.com",
        "me-central-1": "s3-control.me-central-1.amazonaws.com",
        "me-south-1": "s3-control.me-south-1.amazonaws.com",
        "sa-east-1": "s3-control.sa-east-1.amazonaws.com",
        "us-east-1": "s3-control.us-east-1.amazonaws.com",
        "us-east-2": "s3-control.us-east-2.amazonaws.com",
        "us-gov-east-1": "s3-control.us-gov-east-1.amazonaws.com",
        "us-gov-west-1": "s3-control.us-gov-west-1.amazonaws.com",
        "us-iso-east-1": "s3-control.us-iso-east-1.c2s.ic.gov",
        "us-iso-west-1": "s3-control.us-iso-west-1.c2s.ic.gov",
        "us-isob-east-1": "s3-control.us-isob-east-1.sc2s.sgov.gov",
        "us-west-1": "s3-control.us-west-1.amazonaws.com",
        "us-west-2": "s3-control.us-west-2.amazonaws.com"
    ]}


    /// FIPS and dualstack endpoints
    static var variantEndpoints: [EndpointVariantType: AWSServiceConfig.EndpointVariant] {[
        [.dualstack]: .init(endpoints: [
            "af-south-1": "s3-control.dualstack.af-south-1.amazonaws.com",
            "ap-east-1": "s3-control.dualstack.ap-east-1.amazonaws.com",
            "ap-northeast-1": "s3-control.dualstack.ap-northeast-1.amazonaws.com",
            "ap-northeast-2": "s3-control.dualstack.ap-northeast-2.amazonaws.com",
            "ap-northeast-3": "s3-control.dualstack.ap-northeast-3.amazonaws.com",
            "ap-south-1": "s3-control.dualstack.ap-south-1.amazonaws.com",
            "ap-south-2": "s3-control.dualstack.ap-south-2.amazonaws.com",
            "ap-southeast-1": "s3-control.dualstack.ap-southeast-1.amazonaws.com",
            "ap-southeast-2": "s3-control.dualstack.ap-southeast-2.amazonaws.com",
            "ap-southeast-3": "s3-control.dualstack.ap-southeast-3.amazonaws.com",
            "ap-southeast-4": "s3-control.dualstack.ap-southeast-4.amazonaws.com",
            "ca-central-1": "s3-control.dualstack.ca-central-1.amazonaws.com",
            "ca-west-1": "s3-control.dualstack.ca-west-1.amazonaws.com",
            "cn-north-1": "s3-control.dualstack.cn-north-1.amazonaws.com.cn",
            "cn-northwest-1": "s3-control.dualstack.cn-northwest-1.amazonaws.com.cn",
            "eu-central-1": "s3-control.dualstack.eu-central-1.amazonaws.com",
            "eu-central-2": "s3-control.dualstack.eu-central-2.amazonaws.com",
            "eu-north-1": "s3-control.dualstack.eu-north-1.amazonaws.com",
            "eu-south-1": "s3-control.dualstack.eu-south-1.amazonaws.com",
            "eu-south-2": "s3-control.dualstack.eu-south-2.amazonaws.com",
            "eu-west-1": "s3-control.dualstack.eu-west-1.amazonaws.com",
            "eu-west-2": "s3-control.dualstack.eu-west-2.amazonaws.com",
            "eu-west-3": "s3-control.dualstack.eu-west-3.amazonaws.com",
            "il-central-1": "s3-control.dualstack.il-central-1.amazonaws.com",
            "me-central-1": "s3-control.dualstack.me-central-1.amazonaws.com",
            "me-south-1": "s3-control.dualstack.me-south-1.amazonaws.com",
            "sa-east-1": "s3-control.dualstack.sa-east-1.amazonaws.com",
            "us-east-1": "s3-control.dualstack.us-east-1.amazonaws.com",
            "us-east-2": "s3-control.dualstack.us-east-2.amazonaws.com",
            "us-gov-east-1": "s3-control.dualstack.us-gov-east-1.amazonaws.com",
            "us-gov-west-1": "s3-control.dualstack.us-gov-west-1.amazonaws.com",
            "us-west-1": "s3-control.dualstack.us-west-1.amazonaws.com",
            "us-west-2": "s3-control.dualstack.us-west-2.amazonaws.com"
        ]),
        [.dualstack, .fips]: .init(endpoints: [
            "ca-central-1": "s3-control-fips.dualstack.ca-central-1.amazonaws.com",
            "ca-west-1": "s3-control-fips.dualstack.ca-west-1.amazonaws.com",
            "us-east-1": "s3-control-fips.dualstack.us-east-1.amazonaws.com",
            "us-east-2": "s3-control-fips.dualstack.us-east-2.amazonaws.com",
            "us-gov-east-1": "s3-control-fips.dualstack.us-gov-east-1.amazonaws.com",
            "us-gov-west-1": "s3-control-fips.dualstack.us-gov-west-1.amazonaws.com",
            "us-west-1": "s3-control-fips.dualstack.us-west-1.amazonaws.com",
            "us-west-2": "s3-control-fips.dualstack.us-west-2.amazonaws.com"
        ]),
        [.fips]: .init(endpoints: [
            "ca-central-1": "s3-control-fips.ca-central-1.amazonaws.com",
            "ca-west-1": "s3-control-fips.ca-west-1.amazonaws.com",
            "us-east-1": "s3-control-fips.us-east-1.amazonaws.com",
            "us-east-2": "s3-control-fips.us-east-2.amazonaws.com",
            "us-gov-east-1": "s3-control-fips.us-gov-east-1.amazonaws.com",
            "us-gov-west-1": "s3-control-fips.us-gov-west-1.amazonaws.com",
            "us-iso-east-1": "s3-control-fips.us-iso-east-1.c2s.ic.gov",
            "us-iso-west-1": "s3-control-fips.us-iso-west-1.c2s.ic.gov",
            "us-isob-east-1": "s3-control-fips.us-isob-east-1.sc2s.sgov.gov",
            "us-west-1": "s3-control-fips.us-west-1.amazonaws.com",
            "us-west-2": "s3-control-fips.us-west-2.amazonaws.com"
        ])
    ]}

    // MARK: API Calls

    /// Associate your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance. Use this action if you want to create access grants for users or groups from your corporate identity directory. First, you must add your corporate identity directory to Amazon Web Services IAM Identity Center. Then, you can associate this IAM Identity Center instance with your S3 Access Grants instance.  Permissions  You must have the s3:AssociateAccessGrantsIdentityCenter permission to use this operation.   Additional Permissions  You must also have the following permissions: sso:CreateApplication, sso:PutApplicationGrant, and sso:PutApplicationAuthenticationMethod.
    @Sendable
    @inlinable
    public func associateAccessGrantsIdentityCenter(_ input: AssociateAccessGrantsIdentityCenterRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "AssociateAccessGrantsIdentityCenter", 
            path: "/v20180820/accessgrantsinstance/identitycenter", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Associate your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance. Use this action if you want to create access grants for users or groups from your corporate identity directory. First, you must add your corporate identity directory to Amazon Web Services IAM Identity Center. Then, you can associate this IAM Identity Center instance with your S3 Access Grants instance.  Permissions  You must have the s3:AssociateAccessGrantsIdentityCenter permission to use this operation.   Additional Permissions  You must also have the following permissions: sso:CreateApplication, sso:PutApplicationGrant, and sso:PutApplicationAuthenticationMethod.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - identityCenterArn: The Amazon Resource Name (ARN) of the Amazon Web Services IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
    ///   - logger: Logger use during operation
    @inlinable
    public func associateAccessGrantsIdentityCenter(
        accountId: String,
        identityCenterArn: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = AssociateAccessGrantsIdentityCenterRequest(
            accountId: accountId, 
            identityCenterArn: identityCenterArn
        )
        return try await self.associateAccessGrantsIdentityCenter(input, logger: logger)
    }

    /// Creates an access grant that gives a grantee access to your S3 data. The grantee can be an IAM user or role or a directory user, or group. Before you can create a grant, you must have an S3 Access Grants instance in the same Region as the S3 data. You can create an S3 Access Grants instance using the CreateAccessGrantsInstance. You must also have registered at least one S3 data location in your S3 Access Grants instance using CreateAccessGrantsLocation.    Permissions  You must have the s3:CreateAccessGrant permission to use this operation.   Additional Permissions  For any directory identity - sso:DescribeInstance and sso:DescribeApplication  For directory users - identitystore:DescribeUser  For directory groups - identitystore:DescribeGroup
    @Sendable
    @inlinable
    public func createAccessGrant(_ input: CreateAccessGrantRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> CreateAccessGrantResult {
        try await self.client.execute(
            operation: "CreateAccessGrant", 
            path: "/v20180820/accessgrantsinstance/grant", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Creates an access grant that gives a grantee access to your S3 data. The grantee can be an IAM user or role or a directory user, or group. Before you can create a grant, you must have an S3 Access Grants instance in the same Region as the S3 data. You can create an S3 Access Grants instance using the CreateAccessGrantsInstance. You must also have registered at least one S3 data location in your S3 Access Grants instance using CreateAccessGrantsLocation.    Permissions  You must have the s3:CreateAccessGrant permission to use this operation.   Additional Permissions  For any directory identity - sso:DescribeInstance and sso:DescribeApplication  For directory users - identitystore:DescribeUser  For directory groups - identitystore:DescribeGroup
    ///
    /// Parameters:
    ///   - accessGrantsLocationConfiguration: The configuration options of the grant location. The grant location is the S3 path to the data to which you are granting access. It contains the S3SubPrefix field. The grant scope is the result of appending the subprefix to the location scope of the registered location.
    ///   - accessGrantsLocationId: The ID of the registered location to which you are granting access. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.  If you are passing the default location, you cannot create an access grant for the entire default location. You must also specify a bucket or a bucket and prefix in the Subprefix field.
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - applicationArn: The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If an application ARN is included in the request to create an access grant, the grantee can only access the S3 data through this application.
    ///   - grantee: The user, group, or role to which you are granting access. You can grant access to an IAM user or role. If you have added your corporate directory to Amazon Web Services IAM Identity Center and associated your Identity Center instance with your S3 Access Grants instance, the grantee can also be a corporate directory user or group.
    ///   - permission: The type of access that you are granting to your S3 data, which can be set to one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
    ///   - s3PrefixType: The type of S3SubPrefix. The only possible value is Object. Pass this value if the access grant scope is an object. Do not pass this value if the access grant scope is a bucket or a bucket and a prefix.
    ///   - tags: The Amazon Web Services resource tags that you are adding to the access grant. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
    ///   - logger: Logger use during operation
    @inlinable
    public func createAccessGrant(
        accessGrantsLocationConfiguration: AccessGrantsLocationConfiguration? = nil,
        accessGrantsLocationId: String,
        accountId: String,
        applicationArn: String? = nil,
        grantee: Grantee,
        permission: Permission,
        s3PrefixType: S3PrefixType? = nil,
        tags: [Tag]? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> CreateAccessGrantResult {
        let input = CreateAccessGrantRequest(
            accessGrantsLocationConfiguration: accessGrantsLocationConfiguration, 
            accessGrantsLocationId: accessGrantsLocationId, 
            accountId: accountId, 
            applicationArn: applicationArn, 
            grantee: grantee, 
            permission: permission, 
            s3PrefixType: s3PrefixType, 
            tags: tags
        )
        return try await self.createAccessGrant(input, logger: logger)
    }

    /// Creates an S3 Access Grants instance, which serves as a logical grouping for access grants. You can create one S3 Access Grants instance per Region per account.   Permissions  You must have the s3:CreateAccessGrantsInstance permission to use this operation.   Additional Permissions  To associate an IAM Identity Center instance with your S3 Access Grants instance, you must also have the sso:DescribeInstance, sso:CreateApplication, sso:PutApplicationGrant, and sso:PutApplicationAuthenticationMethod permissions.
    @Sendable
    @inlinable
    public func createAccessGrantsInstance(_ input: CreateAccessGrantsInstanceRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> CreateAccessGrantsInstanceResult {
        try await self.client.execute(
            operation: "CreateAccessGrantsInstance", 
            path: "/v20180820/accessgrantsinstance", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Creates an S3 Access Grants instance, which serves as a logical grouping for access grants. You can create one S3 Access Grants instance per Region per account.   Permissions  You must have the s3:CreateAccessGrantsInstance permission to use this operation.   Additional Permissions  To associate an IAM Identity Center instance with your S3 Access Grants instance, you must also have the sso:DescribeInstance, sso:CreateApplication, sso:PutApplicationGrant, and sso:PutApplicationAuthenticationMethod permissions.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - identityCenterArn: If you would like to associate your S3 Access Grants instance with an Amazon Web Services IAM Identity Center instance, use this field to pass the Amazon Resource Name (ARN) of the Amazon Web Services IAM Identity Center instance that you are associating with your S3 Access Grants instance. An IAM Identity Center instance is your corporate identity directory that you added to the IAM Identity Center. You can use the ListInstances API operation to retrieve a list of your Identity Center instances and their ARNs.
    ///   - tags: The Amazon Web Services resource tags that you are adding to the S3 Access Grants instance. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
    ///   - logger: Logger use during operation
    @inlinable
    public func createAccessGrantsInstance(
        accountId: String,
        identityCenterArn: String? = nil,
        tags: [Tag]? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> CreateAccessGrantsInstanceResult {
        let input = CreateAccessGrantsInstanceRequest(
            accountId: accountId, 
            identityCenterArn: identityCenterArn, 
            tags: tags
        )
        return try await self.createAccessGrantsInstance(input, logger: logger)
    }

    /// The S3 data location that you would like to register in your S3 Access Grants instance. Your S3 data must be in the same Region as your S3 Access Grants instance. The location can be one of the following:    The default S3 location s3://    A bucket - S3://    A bucket and prefix - S3:///    When you register a location, you must include the IAM role that has permission to manage the S3 location that you are registering. Give S3 Access Grants permission to assume this role using a policy. S3 Access Grants assumes this role to manage access to the location and to vend temporary credentials to grantees or client applications.   Permissions  You must have the s3:CreateAccessGrantsLocation permission to use this operation.   Additional Permissions  You must also have the following permission for the specified IAM role: iam:PassRole
    @Sendable
    @inlinable
    public func createAccessGrantsLocation(_ input: CreateAccessGrantsLocationRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> CreateAccessGrantsLocationResult {
        try await self.client.execute(
            operation: "CreateAccessGrantsLocation", 
            path: "/v20180820/accessgrantsinstance/location", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// The S3 data location that you would like to register in your S3 Access Grants instance. Your S3 data must be in the same Region as your S3 Access Grants instance. The location can be one of the following:    The default S3 location s3://    A bucket - S3://    A bucket and prefix - S3:///    When you register a location, you must include the IAM role that has permission to manage the S3 location that you are registering. Give S3 Access Grants permission to assume this role using a policy. S3 Access Grants assumes this role to manage access to the location and to vend temporary credentials to grantees or client applications.   Permissions  You must have the s3:CreateAccessGrantsLocation permission to use this operation.   Additional Permissions  You must also have the following permission for the specified IAM role: iam:PassRole
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - iamRoleArn: The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.
    ///   - locationScope: The S3 path to the location that you are registering. The location scope can be the default S3 location s3://, the S3 path to a bucket s3://, or the S3 path to a bucket and prefix s3:///. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the engineering/ prefix or object key names that start with the marketing/campaigns/ prefix.
    ///   - tags: The Amazon Web Services resource tags that you are adding to the S3 Access Grants location. Each tag is a label consisting of a user-defined key and value. Tags can help you manage, identify, organize, search for, and filter resources.
    ///   - logger: Logger use during operation
    @inlinable
    public func createAccessGrantsLocation(
        accountId: String,
        iamRoleArn: String,
        locationScope: String,
        tags: [Tag]? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> CreateAccessGrantsLocationResult {
        let input = CreateAccessGrantsLocationRequest(
            accountId: accountId, 
            iamRoleArn: iamRoleArn, 
            locationScope: locationScope, 
            tags: tags
        )
        return try await self.createAccessGrantsLocation(input, logger: logger)
    }

    /// Creates an access point and associates it to a specified bucket. For more information, see Managing access to shared datasets with access points or Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide. To create an access point and attach it to a volume on an Amazon FSx file system, see CreateAndAttachS3AccessPoint in the Amazon FSx API Reference.   S3 on Outposts only supports VPC-style access points.  For more information, see  Accessing Amazon S3 on Outposts using virtual private cloud (VPC) only access points in the Amazon S3 User Guide.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.  The following actions are related to CreateAccessPoint:    GetAccessPoint     DeleteAccessPoint     ListAccessPoints     ListAccessPointsForDirectoryBuckets
    @Sendable
    @inlinable
    public func createAccessPoint(_ input: CreateAccessPointRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> CreateAccessPointResult {
        try await self.client.execute(
            operation: "CreateAccessPoint", 
            path: "/v20180820/accesspoint/{Name}", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Creates an access point and associates it to a specified bucket. For more information, see Managing access to shared datasets with access points or Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide. To create an access point and attach it to a volume on an Amazon FSx file system, see CreateAndAttachS3AccessPoint in the Amazon FSx API Reference.   S3 on Outposts only supports VPC-style access points.  For more information, see  Accessing Amazon S3 on Outposts using virtual private cloud (VPC) only access points in the Amazon S3 User Guide.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.  The following actions are related to CreateAccessPoint:    GetAccessPoint     DeleteAccessPoint     ListAccessPoints     ListAccessPointsForDirectoryBuckets
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the account that owns the specified access point.
    ///   - bucket: The name of the bucket that you want to associate this access point with. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - bucketAccountId: The Amazon Web Services account ID associated with the S3 bucket associated with this access point. For same account access point when your bucket and access point belong to the same account owner, the BucketAccountId is not required.  For cross-account access point when your bucket and access point are not in the same account, the BucketAccountId is required.
    ///   - name: The name you want to assign to this access point. For directory buckets, the access point name must consist of a base name that you provide and suffix that includes the ZoneID (Amazon Web Services Availability Zone or Local Zone) of your bucket location, followed by --xa-s3. For more information, see Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide.
    ///   - publicAccessBlockConfiguration:  The PublicAccessBlock configuration that you want to apply to the access point.
    ///   - scope: For directory buckets, you can filter access control to specific prefixes, API operations, or a combination of both. For more information, see Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide.  Scope is only supported for access points attached to directory buckets.
    ///   - vpcConfiguration: If you include this field, Amazon S3 restricts access to this access point to requests from the specified virtual private cloud (VPC).  This is required for creating an access point for Amazon S3 on Outposts buckets.
    ///   - logger: Logger use during operation
    @inlinable
    public func createAccessPoint(
        accountId: String,
        bucket: String,
        bucketAccountId: String? = nil,
        name: String,
        publicAccessBlockConfiguration: PublicAccessBlockConfiguration? = nil,
        scope: Scope? = nil,
        vpcConfiguration: VpcConfiguration? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> CreateAccessPointResult {
        let input = CreateAccessPointRequest(
            accountId: accountId, 
            bucket: bucket, 
            bucketAccountId: bucketAccountId, 
            name: name, 
            publicAccessBlockConfiguration: publicAccessBlockConfiguration, 
            scope: scope, 
            vpcConfiguration: vpcConfiguration
        )
        return try await self.createAccessPoint(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Creates an Object Lambda Access Point. For more information, see Transforming objects with Object Lambda Access Points in the Amazon S3 User Guide. The following actions are related to CreateAccessPointForObjectLambda:    DeleteAccessPointForObjectLambda     GetAccessPointForObjectLambda     ListAccessPointsForObjectLambda
    @Sendable
    @inlinable
    public func createAccessPointForObjectLambda(_ input: CreateAccessPointForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> CreateAccessPointForObjectLambdaResult {
        try await self.client.execute(
            operation: "CreateAccessPointForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda/{Name}", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Creates an Object Lambda Access Point. For more information, see Transforming objects with Object Lambda Access Points in the Amazon S3 User Guide. The following actions are related to CreateAccessPointForObjectLambda:    DeleteAccessPointForObjectLambda     GetAccessPointForObjectLambda     ListAccessPointsForObjectLambda
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for owner of the specified Object Lambda Access Point.
    ///   - configuration: Object Lambda Access Point configuration as a JSON document.
    ///   - name: The name you want to assign to this Object Lambda Access Point.
    ///   - logger: Logger use during operation
    @inlinable
    public func createAccessPointForObjectLambda(
        accountId: String,
        configuration: ObjectLambdaConfiguration,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> CreateAccessPointForObjectLambdaResult {
        let input = CreateAccessPointForObjectLambdaRequest(
            accountId: accountId, 
            configuration: configuration, 
            name: name
        )
        return try await self.createAccessPointForObjectLambda(input, logger: logger)
    }

    ///  This action creates an Amazon S3 on Outposts bucket. To create an S3 bucket, see Create Bucket in the Amazon S3 API Reference.   Creates a new Outposts bucket. By creating the bucket, you become the bucket owner. To create an Outposts bucket, you must have S3 on Outposts. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. Not every string is an acceptable bucket name. For information on bucket naming restrictions, see Working with Amazon S3 Buckets. S3 on Outposts buckets support:   Tags   LifecycleConfigurations for deleting expired objects   For a complete list of restrictions and Amazon S3 feature limitations on S3 on Outposts, see  Amazon S3 on Outposts Restrictions and Limitations. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and x-amz-outpost-id in your API request, see the Examples section. The following actions are related to CreateBucket for Amazon S3 on Outposts:    PutObject     GetBucket     DeleteBucket     CreateAccessPoint     PutAccessPointPolicy
    @Sendable
    @inlinable
    public func createBucket(_ input: CreateBucketRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> CreateBucketResult {
        try await self.client.execute(
            operation: "CreateBucket", 
            path: "/v20180820/bucket/{Bucket}", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            logger: logger
        )
    }
    ///  This action creates an Amazon S3 on Outposts bucket. To create an S3 bucket, see Create Bucket in the Amazon S3 API Reference.   Creates a new Outposts bucket. By creating the bucket, you become the bucket owner. To create an Outposts bucket, you must have S3 on Outposts. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. Not every string is an acceptable bucket name. For information on bucket naming restrictions, see Working with Amazon S3 Buckets. S3 on Outposts buckets support:   Tags   LifecycleConfigurations for deleting expired objects   For a complete list of restrictions and Amazon S3 feature limitations on S3 on Outposts, see  Amazon S3 on Outposts Restrictions and Limitations. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and x-amz-outpost-id in your API request, see the Examples section. The following actions are related to CreateBucket for Amazon S3 on Outposts:    PutObject     GetBucket     DeleteBucket     CreateAccessPoint     PutAccessPointPolicy
    ///
    /// Parameters:
    ///   - acl: The canned ACL to apply to the bucket.  This is not supported by Amazon S3 on Outposts buckets.
    ///   - bucket: The name of the bucket.
    ///   - createBucketConfiguration: The configuration information for the bucket.  This is not supported by Amazon S3 on Outposts buckets.
    ///   - grantFullControl: Allows grantee the read, write, read ACP, and write ACP permissions on the bucket.  This is not supported by Amazon S3 on Outposts buckets.
    ///   - grantRead: Allows grantee to list the objects in the bucket.  This is not supported by Amazon S3 on Outposts buckets.
    ///   - grantReadACP: Allows grantee to read the bucket ACL.  This is not supported by Amazon S3 on Outposts buckets.
    ///   - grantWrite: Allows grantee to create, overwrite, and delete any object in the bucket.  This is not supported by Amazon S3 on Outposts buckets.
    ///   - grantWriteACP: Allows grantee to write the ACL for the applicable bucket.  This is not supported by Amazon S3 on Outposts buckets.
    ///   - objectLockEnabledForBucket: Specifies whether you want S3 Object Lock to be enabled for the new bucket.  This is not supported by Amazon S3 on Outposts buckets.
    ///   - outpostId: The ID of the Outposts where the bucket is being created.  This ID is required by Amazon S3 on Outposts buckets.
    ///   - logger: Logger use during operation
    @inlinable
    public func createBucket(
        acl: BucketCannedACL? = nil,
        bucket: String,
        createBucketConfiguration: CreateBucketConfiguration? = nil,
        grantFullControl: String? = nil,
        grantRead: String? = nil,
        grantReadACP: String? = nil,
        grantWrite: String? = nil,
        grantWriteACP: String? = nil,
        objectLockEnabledForBucket: Bool? = nil,
        outpostId: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> CreateBucketResult {
        let input = CreateBucketRequest(
            acl: acl, 
            bucket: bucket, 
            createBucketConfiguration: createBucketConfiguration, 
            grantFullControl: grantFullControl, 
            grantRead: grantRead, 
            grantReadACP: grantReadACP, 
            grantWrite: grantWrite, 
            grantWriteACP: grantWriteACP, 
            objectLockEnabledForBucket: objectLockEnabledForBucket, 
            outpostId: outpostId
        )
        return try await self.createBucket(input, logger: logger)
    }

    /// This operation creates an S3 Batch Operations job. You can use S3 Batch Operations to perform large-scale batch actions on Amazon S3 objects. Batch Operations can run a single action on lists of Amazon S3 objects that you specify. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  For information about permissions required to use the Batch Operations, see Granting permissions for S3 Batch Operations in the Amazon S3 User Guide.    Related actions include:    DescribeJob     ListJobs     UpdateJobPriority     UpdateJobStatus     JobOperation
    @Sendable
    @inlinable
    public func createJob(_ input: CreateJobRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> CreateJobResult {
        try await self.client.execute(
            operation: "CreateJob", 
            path: "/v20180820/jobs", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// This operation creates an S3 Batch Operations job. You can use S3 Batch Operations to perform large-scale batch actions on Amazon S3 objects. Batch Operations can run a single action on lists of Amazon S3 objects that you specify. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  For information about permissions required to use the Batch Operations, see Granting permissions for S3 Batch Operations in the Amazon S3 User Guide.    Related actions include:    DescribeJob     ListJobs     UpdateJobPriority     UpdateJobStatus     JobOperation
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID that creates the job.
    ///   - clientRequestToken: An idempotency token to ensure that you don't accidentally submit the same request twice. You can use any string up to the maximum length.
    ///   - confirmationRequired: Indicates whether confirmation is required before Amazon S3 runs the job. Confirmation is only required for jobs created through the Amazon S3 console.
    ///   - description: A description for this job. You can use any string within the permitted length. Descriptions don't need to be unique and can be used for multiple jobs.
    ///   - manifest: Configuration parameters for the manifest.
    ///   - manifestGenerator: The attribute container for the ManifestGenerator details. Jobs must be created with either a manifest file or a ManifestGenerator, but not both.
    ///   - operation: The action that you want this job to perform on every object listed in the manifest. For more information about the available actions, see Operations in the Amazon S3 User Guide.
    ///   - priority: The numerical priority for this job. Higher numbers indicate higher priority.
    ///   - report: Configuration parameters for the optional job-completion report.
    ///   - roleArn: The Amazon Resource Name (ARN) for the Identity and Access Management (IAM) role that Batch Operations will use to run this job's action on every object in the manifest.
    ///   - tags: A set of tags to associate with the S3 Batch Operations job. This is an optional parameter.
    ///   - logger: Logger use during operation
    @inlinable
    public func createJob(
        accountId: String,
        clientRequestToken: String = CreateJobRequest.idempotencyToken(),
        confirmationRequired: Bool? = nil,
        description: String? = nil,
        manifest: JobManifest? = nil,
        manifestGenerator: JobManifestGenerator? = nil,
        operation: JobOperation,
        priority: Int,
        report: JobReport,
        roleArn: String,
        tags: [S3Tag]? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> CreateJobResult {
        let input = CreateJobRequest(
            accountId: accountId, 
            clientRequestToken: clientRequestToken, 
            confirmationRequired: confirmationRequired, 
            description: description, 
            manifest: manifest, 
            manifestGenerator: manifestGenerator, 
            operation: operation, 
            priority: priority, 
            report: report, 
            roleArn: roleArn, 
            tags: tags
        )
        return try await self.createJob(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Creates a Multi-Region Access Point and associates it with the specified buckets. For more information about creating Multi-Region Access Points, see Creating Multi-Region Access Points in the Amazon S3 User Guide. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with DescribeMultiRegionAccessPointOperation. The following actions are related to CreateMultiRegionAccessPoint:    DeleteMultiRegionAccessPoint     DescribeMultiRegionAccessPointOperation     GetMultiRegionAccessPoint     ListMultiRegionAccessPoints
    @Sendable
    @inlinable
    public func createMultiRegionAccessPoint(_ input: CreateMultiRegionAccessPointRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> CreateMultiRegionAccessPointResult {
        try await self.client.execute(
            operation: "CreateMultiRegionAccessPoint", 
            path: "/v20180820/async-requests/mrap/create", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Creates a Multi-Region Access Point and associates it with the specified buckets. For more information about creating Multi-Region Access Points, see Creating Multi-Region Access Points in the Amazon S3 User Guide. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with DescribeMultiRegionAccessPointOperation. The following actions are related to CreateMultiRegionAccessPoint:    DeleteMultiRegionAccessPoint     DescribeMultiRegionAccessPointOperation     GetMultiRegionAccessPoint     ListMultiRegionAccessPoints
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point. The owner of the Multi-Region Access Point also must own the underlying buckets.
    ///   - clientToken: An idempotency token used to identify the request and guarantee that requests are unique.
    ///   - details: A container element containing details about the Multi-Region Access Point.
    ///   - logger: Logger use during operation
    @inlinable
    public func createMultiRegionAccessPoint(
        accountId: String,
        clientToken: String = CreateMultiRegionAccessPointRequest.idempotencyToken(),
        details: CreateMultiRegionAccessPointInput,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> CreateMultiRegionAccessPointResult {
        let input = CreateMultiRegionAccessPointRequest(
            accountId: accountId, 
            clientToken: clientToken, 
            details: details
        )
        return try await self.createMultiRegionAccessPoint(input, logger: logger)
    }

    ///  Creates a new S3 Storage Lens group and associates it with the specified Amazon Web Services account ID. An S3 Storage Lens group is a custom grouping of objects based on prefix, suffix, object tags, object size, object age, or a combination of these filters. For each Storage Lens group that you’ve created, you can also optionally add Amazon Web Services resource tags. For more information about S3 Storage Lens groups, see Working with S3 Storage Lens groups. To use this operation, you must have the permission to perform the s3:CreateStorageLensGroup action. If you’re trying to create a Storage Lens group with Amazon Web Services resource tags, you must also have permission to perform the s3:TagResource action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    @Sendable
    @inlinable
    public func createStorageLensGroup(_ input: CreateStorageLensGroupRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "CreateStorageLensGroup", 
            path: "/v20180820/storagelensgroup", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  Creates a new S3 Storage Lens group and associates it with the specified Amazon Web Services account ID. An S3 Storage Lens group is a custom grouping of objects based on prefix, suffix, object tags, object size, object age, or a combination of these filters. For each Storage Lens group that you’ve created, you can also optionally add Amazon Web Services resource tags. For more information about S3 Storage Lens groups, see Working with S3 Storage Lens groups. To use this operation, you must have the permission to perform the s3:CreateStorageLensGroup action. If you’re trying to create a Storage Lens group with Amazon Web Services resource tags, you must also have permission to perform the s3:TagResource action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID that the Storage Lens group is created from and associated with.
    ///   - storageLensGroup: The Storage Lens group configuration.
    ///   - tags: The Amazon Web Services resource tags that you're adding to your Storage Lens group. This parameter is optional.
    ///   - logger: Logger use during operation
    @inlinable
    public func createStorageLensGroup(
        accountId: String,
        storageLensGroup: StorageLensGroup,
        tags: [Tag]? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = CreateStorageLensGroupRequest(
            accountId: accountId, 
            storageLensGroup: storageLensGroup, 
            tags: tags
        )
        return try await self.createStorageLensGroup(input, logger: logger)
    }

    /// Deletes the access grant from the S3 Access Grants instance. You cannot undo an access grant deletion and the grantee will no longer have access to the S3 data.  Permissions  You must have the s3:DeleteAccessGrant permission to use this operation.
    @Sendable
    @inlinable
    public func deleteAccessGrant(_ input: DeleteAccessGrantRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteAccessGrant", 
            path: "/v20180820/accessgrantsinstance/grant/{AccessGrantId}", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Deletes the access grant from the S3 Access Grants instance. You cannot undo an access grant deletion and the grantee will no longer have access to the S3 data.  Permissions  You must have the s3:DeleteAccessGrant permission to use this operation.
    ///
    /// Parameters:
    ///   - accessGrantId: The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteAccessGrant(
        accessGrantId: String,
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteAccessGrantRequest(
            accessGrantId: accessGrantId, 
            accountId: accountId
        )
        return try await self.deleteAccessGrant(input, logger: logger)
    }

    /// Deletes your S3 Access Grants instance. You must first delete the access grants and locations before S3 Access Grants can delete the instance. See DeleteAccessGrant and DeleteAccessGrantsLocation. If you have associated an IAM Identity Center instance with your S3 Access Grants instance, you must first dissassociate the Identity Center instance from the S3 Access Grants instance before you can delete the S3 Access Grants instance. See AssociateAccessGrantsIdentityCenter and DissociateAccessGrantsIdentityCenter.  Permissions  You must have the s3:DeleteAccessGrantsInstance permission to use this operation.
    @Sendable
    @inlinable
    public func deleteAccessGrantsInstance(_ input: DeleteAccessGrantsInstanceRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteAccessGrantsInstance", 
            path: "/v20180820/accessgrantsinstance", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Deletes your S3 Access Grants instance. You must first delete the access grants and locations before S3 Access Grants can delete the instance. See DeleteAccessGrant and DeleteAccessGrantsLocation. If you have associated an IAM Identity Center instance with your S3 Access Grants instance, you must first dissassociate the Identity Center instance from the S3 Access Grants instance before you can delete the S3 Access Grants instance. See AssociateAccessGrantsIdentityCenter and DissociateAccessGrantsIdentityCenter.  Permissions  You must have the s3:DeleteAccessGrantsInstance permission to use this operation.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteAccessGrantsInstance(
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteAccessGrantsInstanceRequest(
            accountId: accountId
        )
        return try await self.deleteAccessGrantsInstance(input, logger: logger)
    }

    /// Deletes the resource policy of the S3 Access Grants instance. The resource policy is used to manage cross-account access to your S3 Access Grants instance. By deleting the resource policy, you delete any cross-account permissions to your S3 Access Grants instance.   Permissions  You must have the s3:DeleteAccessGrantsInstanceResourcePolicy permission to use this operation.
    @Sendable
    @inlinable
    public func deleteAccessGrantsInstanceResourcePolicy(_ input: DeleteAccessGrantsInstanceResourcePolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteAccessGrantsInstanceResourcePolicy", 
            path: "/v20180820/accessgrantsinstance/resourcepolicy", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Deletes the resource policy of the S3 Access Grants instance. The resource policy is used to manage cross-account access to your S3 Access Grants instance. By deleting the resource policy, you delete any cross-account permissions to your S3 Access Grants instance.   Permissions  You must have the s3:DeleteAccessGrantsInstanceResourcePolicy permission to use this operation.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteAccessGrantsInstanceResourcePolicy(
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteAccessGrantsInstanceResourcePolicyRequest(
            accountId: accountId
        )
        return try await self.deleteAccessGrantsInstanceResourcePolicy(input, logger: logger)
    }

    /// Deregisters a location from your S3 Access Grants instance. You can only delete a location registration from an S3 Access Grants instance if there are no grants associated with this location. See Delete a grant for information on how to delete grants. You need to have at least one registered location in your S3 Access Grants instance in order to create access grants.   Permissions  You must have the s3:DeleteAccessGrantsLocation permission to use this operation.
    @Sendable
    @inlinable
    public func deleteAccessGrantsLocation(_ input: DeleteAccessGrantsLocationRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteAccessGrantsLocation", 
            path: "/v20180820/accessgrantsinstance/location/{AccessGrantsLocationId}", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Deregisters a location from your S3 Access Grants instance. You can only delete a location registration from an S3 Access Grants instance if there are no grants associated with this location. See Delete a grant for information on how to delete grants. You need to have at least one registered location in your S3 Access Grants instance in order to create access grants.   Permissions  You must have the s3:DeleteAccessGrantsLocation permission to use this operation.
    ///
    /// Parameters:
    ///   - accessGrantsLocationId: The ID of the registered location that you are deregistering from your S3 Access Grants instance. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteAccessGrantsLocation(
        accessGrantsLocationId: String,
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteAccessGrantsLocationRequest(
            accessGrantsLocationId: accessGrantsLocationId, 
            accountId: accountId
        )
        return try await self.deleteAccessGrantsLocation(input, logger: logger)
    }

    /// Deletes the specified access point. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to DeleteAccessPoint:    CreateAccessPoint     GetAccessPoint     ListAccessPoints
    @Sendable
    @inlinable
    public func deleteAccessPoint(_ input: DeleteAccessPointRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteAccessPoint", 
            path: "/v20180820/accesspoint/{Name}", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Deletes the specified access point. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to DeleteAccessPoint:    CreateAccessPoint     GetAccessPoint     ListAccessPoints
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the account that owns the specified access point.
    ///   - name: The name of the access point you want to delete. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteAccessPoint(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteAccessPointRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.deleteAccessPoint(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Deletes the specified Object Lambda Access Point. The following actions are related to DeleteAccessPointForObjectLambda:    CreateAccessPointForObjectLambda     GetAccessPointForObjectLambda     ListAccessPointsForObjectLambda
    @Sendable
    @inlinable
    public func deleteAccessPointForObjectLambda(_ input: DeleteAccessPointForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteAccessPointForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda/{Name}", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Deletes the specified Object Lambda Access Point. The following actions are related to DeleteAccessPointForObjectLambda:    CreateAccessPointForObjectLambda     GetAccessPointForObjectLambda     ListAccessPointsForObjectLambda
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - name: The name of the access point you want to delete.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteAccessPointForObjectLambda(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteAccessPointForObjectLambdaRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.deleteAccessPointForObjectLambda(input, logger: logger)
    }

    /// Deletes the access point policy for the specified access point.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to DeleteAccessPointPolicy:    PutAccessPointPolicy     GetAccessPointPolicy
    @Sendable
    @inlinable
    public func deleteAccessPointPolicy(_ input: DeleteAccessPointPolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteAccessPointPolicy", 
            path: "/v20180820/accesspoint/{Name}/policy", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Deletes the access point policy for the specified access point.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to DeleteAccessPointPolicy:    PutAccessPointPolicy     GetAccessPointPolicy
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified access point.
    ///   - name: The name of the access point whose policy you want to delete. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteAccessPointPolicy(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteAccessPointPolicyRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.deleteAccessPointPolicy(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Removes the resource policy for an Object Lambda Access Point. The following actions are related to DeleteAccessPointPolicyForObjectLambda:    GetAccessPointPolicyForObjectLambda     PutAccessPointPolicyForObjectLambda
    @Sendable
    @inlinable
    public func deleteAccessPointPolicyForObjectLambda(_ input: DeleteAccessPointPolicyForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteAccessPointPolicyForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda/{Name}/policy", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Removes the resource policy for an Object Lambda Access Point. The following actions are related to DeleteAccessPointPolicyForObjectLambda:    GetAccessPointPolicyForObjectLambda     PutAccessPointPolicyForObjectLambda
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - name: The name of the Object Lambda Access Point you want to delete the policy for.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteAccessPointPolicyForObjectLambda(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteAccessPointPolicyForObjectLambdaRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.deleteAccessPointPolicyForObjectLambda(input, logger: logger)
    }

    ///  Deletes an existing access point scope for a directory bucket.  When you delete the scope of an access point, all prefixes and permissions are deleted.  To use this operation, you must have the permission to perform the s3express:DeleteAccessPointScope action. For information about REST API errors, see REST error responses.
    @Sendable
    @inlinable
    public func deleteAccessPointScope(_ input: DeleteAccessPointScopeRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteAccessPointScope", 
            path: "/v20180820/accesspoint/{Name}/scope", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            logger: logger
        )
    }
    ///  Deletes an existing access point scope for a directory bucket.  When you delete the scope of an access point, all prefixes and permissions are deleted.  To use this operation, you must have the permission to perform the s3express:DeleteAccessPointScope action. For information about REST API errors, see REST error responses.
    ///
    /// Parameters:
    ///   - accountId:  The Amazon Web Services account ID that owns the access point with the scope that you want to delete.
    ///   - name:  The name of the access point with the scope that you want to delete.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteAccessPointScope(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteAccessPointScopeRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.deleteAccessPointScope(input, logger: logger)
    }

    ///  This action deletes an Amazon S3 on Outposts bucket. To delete an S3 bucket, see DeleteBucket in the Amazon S3 API Reference.   Deletes the Amazon S3 on Outposts bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.  Related Resources     CreateBucket     GetBucket     DeleteObject
    @Sendable
    @inlinable
    public func deleteBucket(_ input: DeleteBucketRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteBucket", 
            path: "/v20180820/bucket/{Bucket}", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action deletes an Amazon S3 on Outposts bucket. To delete an S3 bucket, see DeleteBucket in the Amazon S3 API Reference.   Deletes the Amazon S3 on Outposts bucket. All objects (including all object versions and delete markers) in the bucket must be deleted before the bucket itself can be deleted. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.  Related Resources     CreateBucket     GetBucket     DeleteObject
    ///
    /// Parameters:
    ///   - accountId: The account ID that owns the Outposts bucket.
    ///   - bucket: Specifies the bucket being deleted. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteBucket(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteBucketRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.deleteBucket(input, logger: logger)
    }

    ///  This action deletes an Amazon S3 on Outposts bucket's lifecycle configuration. To delete an S3 bucket's lifecycle configuration, see DeleteBucketLifecycle in the Amazon S3 API Reference.   Deletes the lifecycle configuration from the specified Outposts bucket. Amazon S3 on Outposts removes all the lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your objects never expire, and Amazon S3 on Outposts no longer automatically deletes any objects on the basis of rules contained in the deleted lifecycle configuration. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. To use this operation, you must have permission to perform the s3-outposts:PutLifecycleConfiguration action. By default, the bucket owner has this permission and the Outposts bucket owner can grant this permission to others. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. For more information about object expiration, see Elements to Describe Lifecycle Actions. Related actions include:    PutBucketLifecycleConfiguration     GetBucketLifecycleConfiguration
    @Sendable
    @inlinable
    public func deleteBucketLifecycleConfiguration(_ input: DeleteBucketLifecycleConfigurationRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteBucketLifecycleConfiguration", 
            path: "/v20180820/bucket/{Bucket}/lifecycleconfiguration", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action deletes an Amazon S3 on Outposts bucket's lifecycle configuration. To delete an S3 bucket's lifecycle configuration, see DeleteBucketLifecycle in the Amazon S3 API Reference.   Deletes the lifecycle configuration from the specified Outposts bucket. Amazon S3 on Outposts removes all the lifecycle configuration rules in the lifecycle subresource associated with the bucket. Your objects never expire, and Amazon S3 on Outposts no longer automatically deletes any objects on the basis of rules contained in the deleted lifecycle configuration. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. To use this operation, you must have permission to perform the s3-outposts:PutLifecycleConfiguration action. By default, the bucket owner has this permission and the Outposts bucket owner can grant this permission to others. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. For more information about object expiration, see Elements to Describe Lifecycle Actions. Related actions include:    PutBucketLifecycleConfiguration     GetBucketLifecycleConfiguration
    ///
    /// Parameters:
    ///   - accountId: The account ID of the lifecycle configuration to delete.
    ///   - bucket: Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteBucketLifecycleConfiguration(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteBucketLifecycleConfigurationRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.deleteBucketLifecycleConfiguration(input, logger: logger)
    }

    ///  This action deletes an Amazon S3 on Outposts bucket policy. To delete an S3 bucket policy, see DeleteBucketPolicy in the Amazon S3 API Reference.   This implementation of the DELETE action uses the policy subresource to delete the policy of a specified Amazon S3 on Outposts bucket. If you are using an identity other than the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the s3-outposts:DeleteBucketPolicy permissions on the specified Outposts bucket and belong to the bucket owner's account to use this action. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed error.   As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.  For more information about bucket policies, see Using Bucket Policies and User Policies.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to DeleteBucketPolicy:    GetBucketPolicy     PutBucketPolicy
    @Sendable
    @inlinable
    public func deleteBucketPolicy(_ input: DeleteBucketPolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteBucketPolicy", 
            path: "/v20180820/bucket/{Bucket}/policy", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action deletes an Amazon S3 on Outposts bucket policy. To delete an S3 bucket policy, see DeleteBucketPolicy in the Amazon S3 API Reference.   This implementation of the DELETE action uses the policy subresource to delete the policy of a specified Amazon S3 on Outposts bucket. If you are using an identity other than the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the s3-outposts:DeleteBucketPolicy permissions on the specified Outposts bucket and belong to the bucket owner's account to use this action. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed error.   As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.  For more information about bucket policies, see Using Bucket Policies and User Policies.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to DeleteBucketPolicy:    GetBucketPolicy     PutBucketPolicy
    ///
    /// Parameters:
    ///   - accountId: The account ID of the Outposts bucket.
    ///   - bucket: Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteBucketPolicy(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteBucketPolicyRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.deleteBucketPolicy(input, logger: logger)
    }

    ///  This operation deletes an Amazon S3 on Outposts bucket's replication configuration. To delete an S3 bucket's replication configuration, see DeleteBucketReplication in the Amazon S3 API Reference.   Deletes the replication configuration from the specified S3 on Outposts bucket. To use this operation, you must have permissions to perform the s3-outposts:PutReplicationConfiguration action. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see Setting up IAM with S3 on Outposts and Managing access to S3 on Outposts buckets in the Amazon S3 User Guide.  It can take a while to propagate PUT or DELETE requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a GET request soon after a PUT or DELETE request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. For information about S3 replication on Outposts configuration, see Replicating objects for S3 on Outposts in the Amazon S3 User Guide. The following operations are related to DeleteBucketReplication:    PutBucketReplication     GetBucketReplication
    @Sendable
    @inlinable
    public func deleteBucketReplication(_ input: DeleteBucketReplicationRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteBucketReplication", 
            path: "/v20180820/bucket/{Bucket}/replication", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation deletes an Amazon S3 on Outposts bucket's replication configuration. To delete an S3 bucket's replication configuration, see DeleteBucketReplication in the Amazon S3 API Reference.   Deletes the replication configuration from the specified S3 on Outposts bucket. To use this operation, you must have permissions to perform the s3-outposts:PutReplicationConfiguration action. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see Setting up IAM with S3 on Outposts and Managing access to S3 on Outposts buckets in the Amazon S3 User Guide.  It can take a while to propagate PUT or DELETE requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a GET request soon after a PUT or DELETE request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. For information about S3 replication on Outposts configuration, see Replicating objects for S3 on Outposts in the Amazon S3 User Guide. The following operations are related to DeleteBucketReplication:    PutBucketReplication     GetBucketReplication
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket to delete the replication configuration for.
    ///   - bucket: Specifies the S3 on Outposts bucket to delete the replication configuration for. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteBucketReplication(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteBucketReplicationRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.deleteBucketReplication(input, logger: logger)
    }

    ///  This action deletes an Amazon S3 on Outposts bucket's tags. To delete an S3 bucket tags, see DeleteBucketTagging in the Amazon S3 API Reference.   Deletes the tags from the Outposts bucket. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. To use this action, you must have permission to perform the PutBucketTagging action. By default, the bucket owner has this permission and can grant this permission to others.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to DeleteBucketTagging:    GetBucketTagging     PutBucketTagging
    @Sendable
    @inlinable
    public func deleteBucketTagging(_ input: DeleteBucketTaggingRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteBucketTagging", 
            path: "/v20180820/bucket/{Bucket}/tagging", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action deletes an Amazon S3 on Outposts bucket's tags. To delete an S3 bucket tags, see DeleteBucketTagging in the Amazon S3 API Reference.   Deletes the tags from the Outposts bucket. For more information, see Using Amazon S3 on Outposts in Amazon S3 User Guide. To use this action, you must have permission to perform the PutBucketTagging action. By default, the bucket owner has this permission and can grant this permission to others.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to DeleteBucketTagging:    GetBucketTagging     PutBucketTagging
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket tag set to be removed.
    ///   - bucket: The bucket ARN that has the tag set to be removed. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteBucketTagging(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteBucketTaggingRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.deleteBucketTagging(input, logger: logger)
    }

    /// Removes the entire tag set from the specified S3 Batch Operations job.  Permissions  To use the DeleteJobTagging operation, you must have permission to perform the s3:DeleteJobTagging action. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.   Related actions include:    CreateJob     GetJobTagging     PutJobTagging
    @Sendable
    @inlinable
    public func deleteJobTagging(_ input: DeleteJobTaggingRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> DeleteJobTaggingResult {
        try await self.client.execute(
            operation: "DeleteJobTagging", 
            path: "/v20180820/jobs/{JobId}/tagging", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Removes the entire tag set from the specified S3 Batch Operations job.  Permissions  To use the DeleteJobTagging operation, you must have permission to perform the s3:DeleteJobTagging action. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.   Related actions include:    CreateJob     GetJobTagging     PutJobTagging
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID associated with the S3 Batch Operations job.
    ///   - jobId: The ID for the S3 Batch Operations job whose tags you want to delete.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteJobTagging(
        accountId: String,
        jobId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> DeleteJobTaggingResult {
        let input = DeleteJobTaggingRequest(
            accountId: accountId, 
            jobId: jobId
        )
        return try await self.deleteJobTagging(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Deletes a Multi-Region Access Point. This action does not delete the buckets associated with the Multi-Region Access Point, only the Multi-Region Access Point itself. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with DescribeMultiRegionAccessPointOperation. The following actions are related to DeleteMultiRegionAccessPoint:    CreateMultiRegionAccessPoint     DescribeMultiRegionAccessPointOperation     GetMultiRegionAccessPoint     ListMultiRegionAccessPoints
    @Sendable
    @inlinable
    public func deleteMultiRegionAccessPoint(_ input: DeleteMultiRegionAccessPointRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> DeleteMultiRegionAccessPointResult {
        try await self.client.execute(
            operation: "DeleteMultiRegionAccessPoint", 
            path: "/v20180820/async-requests/mrap/delete", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Deletes a Multi-Region Access Point. This action does not delete the buckets associated with the Multi-Region Access Point, only the Multi-Region Access Point itself. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. This request is asynchronous, meaning that you might receive a response before the command has completed. When this request provides a response, it provides a token that you can use to monitor the status of the request with DescribeMultiRegionAccessPointOperation. The following actions are related to DeleteMultiRegionAccessPoint:    CreateMultiRegionAccessPoint     DescribeMultiRegionAccessPointOperation     GetMultiRegionAccessPoint     ListMultiRegionAccessPoints
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - clientToken: An idempotency token used to identify the request and guarantee that requests are unique.
    ///   - details: A container element containing details about the Multi-Region Access Point.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteMultiRegionAccessPoint(
        accountId: String,
        clientToken: String = DeleteMultiRegionAccessPointRequest.idempotencyToken(),
        details: DeleteMultiRegionAccessPointInput,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> DeleteMultiRegionAccessPointResult {
        let input = DeleteMultiRegionAccessPointRequest(
            accountId: accountId, 
            clientToken: clientToken, 
            details: details
        )
        return try await self.deleteMultiRegionAccessPoint(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Removes the PublicAccessBlock configuration for an Amazon Web Services account. For more information, see  Using Amazon S3 block public access. Related actions include:    GetPublicAccessBlock     PutPublicAccessBlock
    @Sendable
    @inlinable
    public func deletePublicAccessBlock(_ input: DeletePublicAccessBlockRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeletePublicAccessBlock", 
            path: "/v20180820/configuration/publicAccessBlock", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Removes the PublicAccessBlock configuration for an Amazon Web Services account. For more information, see  Using Amazon S3 block public access. Related actions include:    GetPublicAccessBlock     PutPublicAccessBlock
    ///
    /// Parameters:
    ///   - accountId: The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to remove.
    ///   - logger: Logger use during operation
    @inlinable
    public func deletePublicAccessBlock(
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeletePublicAccessBlockRequest(
            accountId: accountId
        )
        return try await self.deletePublicAccessBlock(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Deletes the Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:DeleteStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    @Sendable
    @inlinable
    public func deleteStorageLensConfiguration(_ input: DeleteStorageLensConfigurationRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteStorageLensConfiguration", 
            path: "/v20180820/storagelens/{ConfigId}", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Deletes the Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:DeleteStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    ///
    /// Parameters:
    ///   - accountId: The account ID of the requester.
    ///   - configId: The ID of the S3 Storage Lens configuration.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteStorageLensConfiguration(
        accountId: String,
        configId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteStorageLensConfigurationRequest(
            accountId: accountId, 
            configId: configId
        )
        return try await self.deleteStorageLensConfiguration(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Deletes the Amazon S3 Storage Lens configuration tags. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:DeleteStorageLensConfigurationTagging action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    @Sendable
    @inlinable
    public func deleteStorageLensConfigurationTagging(_ input: DeleteStorageLensConfigurationTaggingRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> DeleteStorageLensConfigurationTaggingResult {
        try await self.client.execute(
            operation: "DeleteStorageLensConfigurationTagging", 
            path: "/v20180820/storagelens/{ConfigId}/tagging", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Deletes the Amazon S3 Storage Lens configuration tags. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:DeleteStorageLensConfigurationTagging action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    ///
    /// Parameters:
    ///   - accountId: The account ID of the requester.
    ///   - configId: The ID of the S3 Storage Lens configuration.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteStorageLensConfigurationTagging(
        accountId: String,
        configId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> DeleteStorageLensConfigurationTaggingResult {
        let input = DeleteStorageLensConfigurationTaggingRequest(
            accountId: accountId, 
            configId: configId
        )
        return try await self.deleteStorageLensConfigurationTagging(input, logger: logger)
    }

    /// Deletes an existing S3 Storage Lens group. To use this operation, you must have the permission to perform the s3:DeleteStorageLensGroup action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    @Sendable
    @inlinable
    public func deleteStorageLensGroup(_ input: DeleteStorageLensGroupRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DeleteStorageLensGroup", 
            path: "/v20180820/storagelensgroup/{Name}", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Deletes an existing S3 Storage Lens group. To use this operation, you must have the permission to perform the s3:DeleteStorageLensGroup action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID used to create the Storage Lens group that you're trying to delete.
    ///   - name: The name of the Storage Lens group that you're trying to delete.
    ///   - logger: Logger use during operation
    @inlinable
    public func deleteStorageLensGroup(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DeleteStorageLensGroupRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.deleteStorageLensGroup(input, logger: logger)
    }

    /// Retrieves the configuration parameters and status for a Batch Operations job. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  To use the DescribeJob operation, you must have permission to perform the s3:DescribeJob action.   Related actions include:    CreateJob     ListJobs     UpdateJobPriority     UpdateJobStatus
    @Sendable
    @inlinable
    public func describeJob(_ input: DescribeJobRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> DescribeJobResult {
        try await self.client.execute(
            operation: "DescribeJob", 
            path: "/v20180820/jobs/{JobId}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Retrieves the configuration parameters and status for a Batch Operations job. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  To use the DescribeJob operation, you must have permission to perform the s3:DescribeJob action.   Related actions include:    CreateJob     ListJobs     UpdateJobPriority     UpdateJobStatus
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID associated with the S3 Batch Operations job.
    ///   - jobId: The ID for the job whose information you want to retrieve.
    ///   - logger: Logger use during operation
    @inlinable
    public func describeJob(
        accountId: String,
        jobId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> DescribeJobResult {
        let input = DescribeJobRequest(
            accountId: accountId, 
            jobId: jobId
        )
        return try await self.describeJob(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Retrieves the status of an asynchronous request to manage a Multi-Region Access Point. For more information about managing Multi-Region Access Points and how asynchronous requests work, see Using Multi-Region Access Points in the Amazon S3 User Guide. The following actions are related to GetMultiRegionAccessPoint:    CreateMultiRegionAccessPoint     DeleteMultiRegionAccessPoint     GetMultiRegionAccessPoint     ListMultiRegionAccessPoints
    @Sendable
    @inlinable
    public func describeMultiRegionAccessPointOperation(_ input: DescribeMultiRegionAccessPointOperationRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> DescribeMultiRegionAccessPointOperationResult {
        try await self.client.execute(
            operation: "DescribeMultiRegionAccessPointOperation", 
            path: "/v20180820/async-requests/mrap/{RequestTokenARN+}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Retrieves the status of an asynchronous request to manage a Multi-Region Access Point. For more information about managing Multi-Region Access Points and how asynchronous requests work, see Using Multi-Region Access Points in the Amazon S3 User Guide. The following actions are related to GetMultiRegionAccessPoint:    CreateMultiRegionAccessPoint     DeleteMultiRegionAccessPoint     GetMultiRegionAccessPoint     ListMultiRegionAccessPoints
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - requestTokenARN: The request token associated with the request you want to know about. This request token is returned as part of the response when you make an asynchronous request. You provide this token to query about the status of the asynchronous action.
    ///   - logger: Logger use during operation
    @inlinable
    public func describeMultiRegionAccessPointOperation(
        accountId: String,
        requestTokenARN: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> DescribeMultiRegionAccessPointOperationResult {
        let input = DescribeMultiRegionAccessPointOperationRequest(
            accountId: accountId, 
            requestTokenARN: requestTokenARN
        )
        return try await self.describeMultiRegionAccessPointOperation(input, logger: logger)
    }

    /// Dissociates the Amazon Web Services IAM Identity Center instance from the S3 Access Grants instance.   Permissions  You must have the s3:DissociateAccessGrantsIdentityCenter permission to use this operation.   Additional Permissions  You must have the sso:DeleteApplication permission to use this operation.
    @Sendable
    @inlinable
    public func dissociateAccessGrantsIdentityCenter(_ input: DissociateAccessGrantsIdentityCenterRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "DissociateAccessGrantsIdentityCenter", 
            path: "/v20180820/accessgrantsinstance/identitycenter", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Dissociates the Amazon Web Services IAM Identity Center instance from the S3 Access Grants instance.   Permissions  You must have the s3:DissociateAccessGrantsIdentityCenter permission to use this operation.   Additional Permissions  You must have the sso:DeleteApplication permission to use this operation.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - logger: Logger use during operation
    @inlinable
    public func dissociateAccessGrantsIdentityCenter(
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = DissociateAccessGrantsIdentityCenterRequest(
            accountId: accountId
        )
        return try await self.dissociateAccessGrantsIdentityCenter(input, logger: logger)
    }

    /// Get the details of an access grant from your S3 Access Grants instance.  Permissions  You must have the s3:GetAccessGrant permission to use this operation.
    @Sendable
    @inlinable
    public func getAccessGrant(_ input: GetAccessGrantRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessGrantResult {
        try await self.client.execute(
            operation: "GetAccessGrant", 
            path: "/v20180820/accessgrantsinstance/grant/{AccessGrantId}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Get the details of an access grant from your S3 Access Grants instance.  Permissions  You must have the s3:GetAccessGrant permission to use this operation.
    ///
    /// Parameters:
    ///   - accessGrantId: The ID of the access grant. S3 Access Grants auto-generates this ID when you create the access grant.
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessGrant(
        accessGrantId: String,
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessGrantResult {
        let input = GetAccessGrantRequest(
            accessGrantId: accessGrantId, 
            accountId: accountId
        )
        return try await self.getAccessGrant(input, logger: logger)
    }

    /// Retrieves the S3 Access Grants instance for a Region in your account.   Permissions  You must have the s3:GetAccessGrantsInstance permission to use this operation.      GetAccessGrantsInstance is not supported for cross-account access. You can only call the API from the account that owns the S3 Access Grants instance.
    @Sendable
    @inlinable
    public func getAccessGrantsInstance(_ input: GetAccessGrantsInstanceRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessGrantsInstanceResult {
        try await self.client.execute(
            operation: "GetAccessGrantsInstance", 
            path: "/v20180820/accessgrantsinstance", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Retrieves the S3 Access Grants instance for a Region in your account.   Permissions  You must have the s3:GetAccessGrantsInstance permission to use this operation.      GetAccessGrantsInstance is not supported for cross-account access. You can only call the API from the account that owns the S3 Access Grants instance.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessGrantsInstance(
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessGrantsInstanceResult {
        let input = GetAccessGrantsInstanceRequest(
            accountId: accountId
        )
        return try await self.getAccessGrantsInstance(input, logger: logger)
    }

    /// Retrieve the S3 Access Grants instance that contains a particular prefix.    Permissions  You must have the s3:GetAccessGrantsInstanceForPrefix permission for the caller account to use this operation.   Additional Permissions  The prefix owner account must grant you the following permissions to their S3 Access Grants instance: s3:GetAccessGrantsInstanceForPrefix.
    @Sendable
    @inlinable
    public func getAccessGrantsInstanceForPrefix(_ input: GetAccessGrantsInstanceForPrefixRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessGrantsInstanceForPrefixResult {
        try await self.client.execute(
            operation: "GetAccessGrantsInstanceForPrefix", 
            path: "/v20180820/accessgrantsinstance/prefix", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Retrieve the S3 Access Grants instance that contains a particular prefix.    Permissions  You must have the s3:GetAccessGrantsInstanceForPrefix permission for the caller account to use this operation.   Additional Permissions  The prefix owner account must grant you the following permissions to their S3 Access Grants instance: s3:GetAccessGrantsInstanceForPrefix.
    ///
    /// Parameters:
    ///   - accountId: The ID of the Amazon Web Services account that is making this request.
    ///   - s3Prefix: The S3 prefix of the access grants that you would like to retrieve.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessGrantsInstanceForPrefix(
        accountId: String,
        s3Prefix: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessGrantsInstanceForPrefixResult {
        let input = GetAccessGrantsInstanceForPrefixRequest(
            accountId: accountId, 
            s3Prefix: s3Prefix
        )
        return try await self.getAccessGrantsInstanceForPrefix(input, logger: logger)
    }

    /// Returns the resource policy of the S3 Access Grants instance.   Permissions  You must have the s3:GetAccessGrantsInstanceResourcePolicy permission to use this operation.
    @Sendable
    @inlinable
    public func getAccessGrantsInstanceResourcePolicy(_ input: GetAccessGrantsInstanceResourcePolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessGrantsInstanceResourcePolicyResult {
        try await self.client.execute(
            operation: "GetAccessGrantsInstanceResourcePolicy", 
            path: "/v20180820/accessgrantsinstance/resourcepolicy", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Returns the resource policy of the S3 Access Grants instance.   Permissions  You must have the s3:GetAccessGrantsInstanceResourcePolicy permission to use this operation.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessGrantsInstanceResourcePolicy(
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessGrantsInstanceResourcePolicyResult {
        let input = GetAccessGrantsInstanceResourcePolicyRequest(
            accountId: accountId
        )
        return try await self.getAccessGrantsInstanceResourcePolicy(input, logger: logger)
    }

    /// Retrieves the details of a particular location registered in your S3 Access Grants instance.   Permissions  You must have the s3:GetAccessGrantsLocation permission to use this operation.
    @Sendable
    @inlinable
    public func getAccessGrantsLocation(_ input: GetAccessGrantsLocationRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessGrantsLocationResult {
        try await self.client.execute(
            operation: "GetAccessGrantsLocation", 
            path: "/v20180820/accessgrantsinstance/location/{AccessGrantsLocationId}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Retrieves the details of a particular location registered in your S3 Access Grants instance.   Permissions  You must have the s3:GetAccessGrantsLocation permission to use this operation.
    ///
    /// Parameters:
    ///   - accessGrantsLocationId: The ID of the registered location that you are retrieving. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessGrantsLocation(
        accessGrantsLocationId: String,
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessGrantsLocationResult {
        let input = GetAccessGrantsLocationRequest(
            accessGrantsLocationId: accessGrantsLocationId, 
            accountId: accountId
        )
        return try await self.getAccessGrantsLocation(input, logger: logger)
    }

    /// Returns configuration information about the specified access point.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to GetAccessPoint:    CreateAccessPoint     DeleteAccessPoint     ListAccessPoints
    @Sendable
    @inlinable
    public func getAccessPoint(_ input: GetAccessPointRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessPointResult {
        try await self.client.execute(
            operation: "GetAccessPoint", 
            path: "/v20180820/accesspoint/{Name}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Returns configuration information about the specified access point.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to GetAccessPoint:    CreateAccessPoint     DeleteAccessPoint     ListAccessPoints
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the account that owns the specified access point.
    ///   - name: The name of the access point whose configuration information you want to retrieve. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessPoint(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessPointResult {
        let input = GetAccessPointRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getAccessPoint(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns configuration for an Object Lambda Access Point. The following actions are related to GetAccessPointConfigurationForObjectLambda:    PutAccessPointConfigurationForObjectLambda
    @Sendable
    @inlinable
    public func getAccessPointConfigurationForObjectLambda(_ input: GetAccessPointConfigurationForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessPointConfigurationForObjectLambdaResult {
        try await self.client.execute(
            operation: "GetAccessPointConfigurationForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda/{Name}/configuration", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns configuration for an Object Lambda Access Point. The following actions are related to GetAccessPointConfigurationForObjectLambda:    PutAccessPointConfigurationForObjectLambda
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - name: The name of the Object Lambda Access Point you want to return the configuration for.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessPointConfigurationForObjectLambda(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessPointConfigurationForObjectLambdaResult {
        let input = GetAccessPointConfigurationForObjectLambdaRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getAccessPointConfigurationForObjectLambda(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns configuration information about the specified Object Lambda Access Point The following actions are related to GetAccessPointForObjectLambda:    CreateAccessPointForObjectLambda     DeleteAccessPointForObjectLambda     ListAccessPointsForObjectLambda
    @Sendable
    @inlinable
    public func getAccessPointForObjectLambda(_ input: GetAccessPointForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessPointForObjectLambdaResult {
        try await self.client.execute(
            operation: "GetAccessPointForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda/{Name}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns configuration information about the specified Object Lambda Access Point The following actions are related to GetAccessPointForObjectLambda:    CreateAccessPointForObjectLambda     DeleteAccessPointForObjectLambda     ListAccessPointsForObjectLambda
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - name: The name of the Object Lambda Access Point.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessPointForObjectLambda(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessPointForObjectLambdaResult {
        let input = GetAccessPointForObjectLambdaRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getAccessPointForObjectLambda(input, logger: logger)
    }

    /// Returns the access point policy associated with the specified access point. The following actions are related to GetAccessPointPolicy:    PutAccessPointPolicy     DeleteAccessPointPolicy
    @Sendable
    @inlinable
    public func getAccessPointPolicy(_ input: GetAccessPointPolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessPointPolicyResult {
        try await self.client.execute(
            operation: "GetAccessPointPolicy", 
            path: "/v20180820/accesspoint/{Name}/policy", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Returns the access point policy associated with the specified access point. The following actions are related to GetAccessPointPolicy:    PutAccessPointPolicy     DeleteAccessPointPolicy
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified access point.
    ///   - name: The name of the access point whose policy you want to retrieve. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessPointPolicy(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessPointPolicyResult {
        let input = GetAccessPointPolicyRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getAccessPointPolicy(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns the resource policy for an Object Lambda Access Point. The following actions are related to GetAccessPointPolicyForObjectLambda:    DeleteAccessPointPolicyForObjectLambda     PutAccessPointPolicyForObjectLambda
    @Sendable
    @inlinable
    public func getAccessPointPolicyForObjectLambda(_ input: GetAccessPointPolicyForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessPointPolicyForObjectLambdaResult {
        try await self.client.execute(
            operation: "GetAccessPointPolicyForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda/{Name}/policy", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns the resource policy for an Object Lambda Access Point. The following actions are related to GetAccessPointPolicyForObjectLambda:    DeleteAccessPointPolicyForObjectLambda     PutAccessPointPolicyForObjectLambda
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - name: The name of the Object Lambda Access Point.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessPointPolicyForObjectLambda(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessPointPolicyForObjectLambdaResult {
        let input = GetAccessPointPolicyForObjectLambdaRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getAccessPointPolicyForObjectLambda(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Indicates whether the specified access point currently has a policy that allows public access. For more information about public access through access points, see Managing Data Access with Amazon S3 access points in the Amazon S3 User Guide.
    @Sendable
    @inlinable
    public func getAccessPointPolicyStatus(_ input: GetAccessPointPolicyStatusRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessPointPolicyStatusResult {
        try await self.client.execute(
            operation: "GetAccessPointPolicyStatus", 
            path: "/v20180820/accesspoint/{Name}/policyStatus", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Indicates whether the specified access point currently has a policy that allows public access. For more information about public access through access points, see Managing Data Access with Amazon S3 access points in the Amazon S3 User Guide.
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified access point.
    ///   - name: The name of the access point whose policy status you want to retrieve.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessPointPolicyStatus(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessPointPolicyStatusResult {
        let input = GetAccessPointPolicyStatusRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getAccessPointPolicyStatus(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns the status of the resource policy associated with an Object Lambda Access Point.
    @Sendable
    @inlinable
    public func getAccessPointPolicyStatusForObjectLambda(_ input: GetAccessPointPolicyStatusForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessPointPolicyStatusForObjectLambdaResult {
        try await self.client.execute(
            operation: "GetAccessPointPolicyStatusForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda/{Name}/policyStatus", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns the status of the resource policy associated with an Object Lambda Access Point.
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - name: The name of the Object Lambda Access Point.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessPointPolicyStatusForObjectLambda(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessPointPolicyStatusForObjectLambdaResult {
        let input = GetAccessPointPolicyStatusForObjectLambdaRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getAccessPointPolicyStatusForObjectLambda(input, logger: logger)
    }

    ///  Returns the access point scope for a directory bucket. To use this operation, you must have the permission to perform the s3express:GetAccessPointScope action. For information about REST API errors, see REST error responses.
    @Sendable
    @inlinable
    public func getAccessPointScope(_ input: GetAccessPointScopeRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetAccessPointScopeResult {
        try await self.client.execute(
            operation: "GetAccessPointScope", 
            path: "/v20180820/accesspoint/{Name}/scope", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            logger: logger
        )
    }
    ///  Returns the access point scope for a directory bucket. To use this operation, you must have the permission to perform the s3express:GetAccessPointScope action. For information about REST API errors, see REST error responses.
    ///
    /// Parameters:
    ///   - accountId:  The Amazon Web Services account ID that owns the access point with the scope that you want to retrieve.
    ///   - name: The name of the access point with the scope you want to retrieve.
    ///   - logger: Logger use during operation
    @inlinable
    public func getAccessPointScope(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetAccessPointScopeResult {
        let input = GetAccessPointScopeRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getAccessPointScope(input, logger: logger)
    }

    /// Gets an Amazon S3 on Outposts bucket. For more information, see  Using Amazon S3 on Outposts in the Amazon S3 User Guide. If you are using an identity other than the root user of the Amazon Web Services account that owns the Outposts bucket, the calling identity must have the s3-outposts:GetBucket permissions on the specified Outposts bucket and belong to the Outposts bucket owner's account in order to use this action. Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket.  If you don't have s3-outposts:GetBucket permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied error. The following actions are related to GetBucket for Amazon S3 on Outposts: All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.    PutObject     CreateBucket     DeleteBucket
    @Sendable
    @inlinable
    public func getBucket(_ input: GetBucketRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetBucketResult {
        try await self.client.execute(
            operation: "GetBucket", 
            path: "/v20180820/bucket/{Bucket}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Gets an Amazon S3 on Outposts bucket. For more information, see  Using Amazon S3 on Outposts in the Amazon S3 User Guide. If you are using an identity other than the root user of the Amazon Web Services account that owns the Outposts bucket, the calling identity must have the s3-outposts:GetBucket permissions on the specified Outposts bucket and belong to the Outposts bucket owner's account in order to use this action. Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket.  If you don't have s3-outposts:GetBucket permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied error. The following actions are related to GetBucket for Amazon S3 on Outposts: All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.    PutObject     CreateBucket     DeleteBucket
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - bucket: Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func getBucket(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetBucketResult {
        let input = GetBucketRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.getBucket(input, logger: logger)
    }

    ///  This action gets an Amazon S3 on Outposts bucket's lifecycle configuration. To get an S3 bucket's lifecycle configuration, see GetBucketLifecycleConfiguration in the Amazon S3 API Reference.   Returns the lifecycle configuration information set on the Outposts bucket. For more information, see Using Amazon S3 on Outposts and for information about lifecycle configuration, see  Object Lifecycle Management in Amazon S3 User Guide. To use this action, you must have permission to perform the s3-outposts:GetLifecycleConfiguration action. The Outposts bucket owner has this permission, by default. The bucket owner can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing Access Permissions to Your Amazon S3 Resources. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.  GetBucketLifecycleConfiguration has the following special error:   Error code: NoSuchLifecycleConfiguration    Description: The lifecycle configuration does not exist.   HTTP Status Code: 404 Not Found   SOAP Fault Code Prefix: Client     The following actions are related to GetBucketLifecycleConfiguration:    PutBucketLifecycleConfiguration     DeleteBucketLifecycleConfiguration
    @Sendable
    @inlinable
    public func getBucketLifecycleConfiguration(_ input: GetBucketLifecycleConfigurationRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetBucketLifecycleConfigurationResult {
        try await self.client.execute(
            operation: "GetBucketLifecycleConfiguration", 
            path: "/v20180820/bucket/{Bucket}/lifecycleconfiguration", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action gets an Amazon S3 on Outposts bucket's lifecycle configuration. To get an S3 bucket's lifecycle configuration, see GetBucketLifecycleConfiguration in the Amazon S3 API Reference.   Returns the lifecycle configuration information set on the Outposts bucket. For more information, see Using Amazon S3 on Outposts and for information about lifecycle configuration, see  Object Lifecycle Management in Amazon S3 User Guide. To use this action, you must have permission to perform the s3-outposts:GetLifecycleConfiguration action. The Outposts bucket owner has this permission, by default. The bucket owner can grant this permission to others. For more information about permissions, see Permissions Related to Bucket Subresource Operations and Managing Access Permissions to Your Amazon S3 Resources. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section.  GetBucketLifecycleConfiguration has the following special error:   Error code: NoSuchLifecycleConfiguration    Description: The lifecycle configuration does not exist.   HTTP Status Code: 404 Not Found   SOAP Fault Code Prefix: Client     The following actions are related to GetBucketLifecycleConfiguration:    PutBucketLifecycleConfiguration     DeleteBucketLifecycleConfiguration
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - bucket: The Amazon Resource Name (ARN) of the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func getBucketLifecycleConfiguration(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetBucketLifecycleConfigurationResult {
        let input = GetBucketLifecycleConfigurationRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.getBucketLifecycleConfiguration(input, logger: logger)
    }

    ///  This action gets a bucket policy for an Amazon S3 on Outposts bucket. To get a policy for an S3 bucket, see GetBucketPolicy in the Amazon S3 API Reference.   Returns the policy of a specified Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. If you are using an identity other than the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the GetBucketPolicy permissions on the specified bucket and belong to the bucket owner's account in order to use this action. Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket. If you don't have s3-outposts:GetBucketPolicy permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied error.  As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.  For more information about bucket policies, see Using Bucket Policies and User Policies. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to GetBucketPolicy:    GetObject     PutBucketPolicy     DeleteBucketPolicy
    @Sendable
    @inlinable
    public func getBucketPolicy(_ input: GetBucketPolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetBucketPolicyResult {
        try await self.client.execute(
            operation: "GetBucketPolicy", 
            path: "/v20180820/bucket/{Bucket}/policy", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action gets a bucket policy for an Amazon S3 on Outposts bucket. To get a policy for an S3 bucket, see GetBucketPolicy in the Amazon S3 API Reference.   Returns the policy of a specified Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. If you are using an identity other than the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the GetBucketPolicy permissions on the specified bucket and belong to the bucket owner's account in order to use this action. Only users from Outposts bucket owner account with the right permissions can perform actions on an Outposts bucket. If you don't have s3-outposts:GetBucketPolicy permissions or you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 403 Access Denied error.  As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.  For more information about bucket policies, see Using Bucket Policies and User Policies. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to GetBucketPolicy:    GetObject     PutBucketPolicy     DeleteBucketPolicy
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - bucket: Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func getBucketPolicy(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetBucketPolicyResult {
        let input = GetBucketPolicyRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.getBucketPolicy(input, logger: logger)
    }

    ///  This operation gets an Amazon S3 on Outposts bucket's replication configuration. To get an S3 bucket's replication configuration, see GetBucketReplication in the Amazon S3 API Reference.   Returns the replication configuration of an S3 on Outposts bucket. For more information about S3 on Outposts, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. For information about S3 replication on Outposts configuration, see Replicating objects for S3 on Outposts in the Amazon S3 User Guide.  It can take a while to propagate PUT or DELETE requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a GET request soon after a PUT or DELETE request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.  This action requires permissions for the s3-outposts:GetReplicationConfiguration action. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see Setting up IAM with S3 on Outposts and Managing access to S3 on Outposts bucket in the Amazon S3 User Guide. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. If you include the Filter element in a replication configuration, you must also include the DeleteMarkerReplication, Status, and Priority elements. The response also returns those elements. For information about S3 on Outposts replication failure reasons, see Replication failure reasons in the Amazon S3 User Guide. The following operations are related to GetBucketReplication:    PutBucketReplication     DeleteBucketReplication
    @Sendable
    @inlinable
    public func getBucketReplication(_ input: GetBucketReplicationRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetBucketReplicationResult {
        try await self.client.execute(
            operation: "GetBucketReplication", 
            path: "/v20180820/bucket/{Bucket}/replication", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation gets an Amazon S3 on Outposts bucket's replication configuration. To get an S3 bucket's replication configuration, see GetBucketReplication in the Amazon S3 API Reference.   Returns the replication configuration of an S3 on Outposts bucket. For more information about S3 on Outposts, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. For information about S3 replication on Outposts configuration, see Replicating objects for S3 on Outposts in the Amazon S3 User Guide.  It can take a while to propagate PUT or DELETE requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a GET request soon after a PUT or DELETE request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.  This action requires permissions for the s3-outposts:GetReplicationConfiguration action. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see Setting up IAM with S3 on Outposts and Managing access to S3 on Outposts bucket in the Amazon S3 User Guide. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. If you include the Filter element in a replication configuration, you must also include the DeleteMarkerReplication, Status, and Priority elements. The response also returns those elements. For information about S3 on Outposts replication failure reasons, see Replication failure reasons in the Amazon S3 User Guide. The following operations are related to GetBucketReplication:    PutBucketReplication     DeleteBucketReplication
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - bucket: Specifies the bucket to get the replication information for. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func getBucketReplication(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetBucketReplicationResult {
        let input = GetBucketReplicationRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.getBucketReplication(input, logger: logger)
    }

    ///  This action gets an Amazon S3 on Outposts bucket's tags. To get an S3 bucket tags, see GetBucketTagging in the Amazon S3 API Reference.   Returns the tag set associated with the Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. To use this action, you must have permission to perform the GetBucketTagging action. By default, the bucket owner has this permission and can grant this permission to others.  GetBucketTagging has the following special error:   Error code: NoSuchTagSetError    Description: There is no tag set associated with the bucket.     All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to GetBucketTagging:    PutBucketTagging     DeleteBucketTagging
    @Sendable
    @inlinable
    public func getBucketTagging(_ input: GetBucketTaggingRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetBucketTaggingResult {
        try await self.client.execute(
            operation: "GetBucketTagging", 
            path: "/v20180820/bucket/{Bucket}/tagging", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action gets an Amazon S3 on Outposts bucket's tags. To get an S3 bucket tags, see GetBucketTagging in the Amazon S3 API Reference.   Returns the tag set associated with the Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. To use this action, you must have permission to perform the GetBucketTagging action. By default, the bucket owner has this permission and can grant this permission to others.  GetBucketTagging has the following special error:   Error code: NoSuchTagSetError    Description: There is no tag set associated with the bucket.     All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to GetBucketTagging:    PutBucketTagging     DeleteBucketTagging
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - bucket: Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - logger: Logger use during operation
    @inlinable
    public func getBucketTagging(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetBucketTaggingResult {
        let input = GetBucketTaggingRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.getBucketTagging(input, logger: logger)
    }

    ///  This operation returns the versioning state for S3 on Outposts buckets only. To return the versioning state for an S3 bucket, see GetBucketVersioning in the Amazon S3 API Reference.   Returns the versioning state for an S3 on Outposts bucket. With S3 Versioning, you can save multiple distinct copies of your objects and recover from unintended user actions and application failures. If you've never set versioning on your bucket, it has no versioning state. In that case, the GetBucketVersioning request does not return a versioning state value. For more information about versioning, see Versioning in the Amazon S3 User Guide. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following operations are related to GetBucketVersioning for S3 on Outposts.    PutBucketVersioning     PutBucketLifecycleConfiguration     GetBucketLifecycleConfiguration
    @Sendable
    @inlinable
    public func getBucketVersioning(_ input: GetBucketVersioningRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetBucketVersioningResult {
        try await self.client.execute(
            operation: "GetBucketVersioning", 
            path: "/v20180820/bucket/{Bucket}/versioning", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation returns the versioning state for S3 on Outposts buckets only. To return the versioning state for an S3 bucket, see GetBucketVersioning in the Amazon S3 API Reference.   Returns the versioning state for an S3 on Outposts bucket. With S3 Versioning, you can save multiple distinct copies of your objects and recover from unintended user actions and application failures. If you've never set versioning on your bucket, it has no versioning state. In that case, the GetBucketVersioning request does not return a versioning state value. For more information about versioning, see Versioning in the Amazon S3 User Guide. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following operations are related to GetBucketVersioning for S3 on Outposts.    PutBucketVersioning     PutBucketLifecycleConfiguration     GetBucketLifecycleConfiguration
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 on Outposts bucket.
    ///   - bucket: The S3 on Outposts bucket to return the versioning state for.
    ///   - logger: Logger use during operation
    @inlinable
    public func getBucketVersioning(
        accountId: String,
        bucket: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetBucketVersioningResult {
        let input = GetBucketVersioningRequest(
            accountId: accountId, 
            bucket: bucket
        )
        return try await self.getBucketVersioning(input, logger: logger)
    }

    /// Returns a temporary access credential from S3 Access Grants to the grantee or client application. The temporary credential is an Amazon Web Services STS token that grants them access to the S3 data.   Permissions  You must have the s3:GetDataAccess permission to use this operation.   Additional Permissions  The IAM role that S3 Access Grants assumes must have the following permissions specified in the trust policy when registering the location: sts:AssumeRole, for directory users or groups sts:SetContext, and for IAM users or roles sts:SetSourceIdentity.
    @Sendable
    @inlinable
    public func getDataAccess(_ input: GetDataAccessRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetDataAccessResult {
        try await self.client.execute(
            operation: "GetDataAccess", 
            path: "/v20180820/accessgrantsinstance/dataaccess", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Returns a temporary access credential from S3 Access Grants to the grantee or client application. The temporary credential is an Amazon Web Services STS token that grants them access to the S3 data.   Permissions  You must have the s3:GetDataAccess permission to use this operation.   Additional Permissions  The IAM role that S3 Access Grants assumes must have the following permissions specified in the trust policy when registering the location: sts:AssumeRole, for directory users or groups sts:SetContext, and for IAM users or roles sts:SetSourceIdentity.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - durationSeconds: The session duration, in seconds, of the temporary access credential that S3 Access Grants vends to the grantee or client application. The default value is 1 hour, but the grantee can specify a range from 900 seconds (15 minutes) up to 43200 seconds (12 hours). If the grantee requests a value higher than this maximum, the operation fails.
    ///   - permission: The type of permission granted to your S3 data, which can be set to one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
    ///   - privilege: The scope of the temporary access credential that S3 Access Grants vends to the grantee or client application.     Default – The scope of the returned temporary access token is the scope of the grant that is closest to the target scope.    Minimal – The scope of the returned temporary access token is the same as the requested target scope as long as the requested scope is the same as or a subset of the grant scope.
    ///   - target: The S3 URI path of the data to which you are requesting temporary access credentials. If the requesting account has an access grant for this data, S3 Access Grants vends temporary access credentials in the response.
    ///   - targetType: The type of Target. The only possible value is Object. Pass this value if the target data that you would like to access is a path to an object. Do not pass this value if the target data is a bucket or a bucket and a prefix.
    ///   - logger: Logger use during operation
    @inlinable
    public func getDataAccess(
        accountId: String,
        durationSeconds: Int? = nil,
        permission: Permission,
        privilege: Privilege? = nil,
        target: String,
        targetType: S3PrefixType? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetDataAccessResult {
        let input = GetDataAccessRequest(
            accountId: accountId, 
            durationSeconds: durationSeconds, 
            permission: permission, 
            privilege: privilege, 
            target: target, 
            targetType: targetType
        )
        return try await self.getDataAccess(input, logger: logger)
    }

    /// Returns the tags on an S3 Batch Operations job.   Permissions  To use the GetJobTagging operation, you must have permission to perform the s3:GetJobTagging action. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.   Related actions include:    CreateJob     PutJobTagging     DeleteJobTagging
    @Sendable
    @inlinable
    public func getJobTagging(_ input: GetJobTaggingRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetJobTaggingResult {
        try await self.client.execute(
            operation: "GetJobTagging", 
            path: "/v20180820/jobs/{JobId}/tagging", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Returns the tags on an S3 Batch Operations job.   Permissions  To use the GetJobTagging operation, you must have permission to perform the s3:GetJobTagging action. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.   Related actions include:    CreateJob     PutJobTagging     DeleteJobTagging
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID associated with the S3 Batch Operations job.
    ///   - jobId: The ID for the S3 Batch Operations job whose tags you want to retrieve.
    ///   - logger: Logger use during operation
    @inlinable
    public func getJobTagging(
        accountId: String,
        jobId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetJobTaggingResult {
        let input = GetJobTaggingRequest(
            accountId: accountId, 
            jobId: jobId
        )
        return try await self.getJobTagging(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns configuration information about the specified Multi-Region Access Point. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to GetMultiRegionAccessPoint:    CreateMultiRegionAccessPoint     DeleteMultiRegionAccessPoint     DescribeMultiRegionAccessPointOperation     ListMultiRegionAccessPoints
    @Sendable
    @inlinable
    public func getMultiRegionAccessPoint(_ input: GetMultiRegionAccessPointRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetMultiRegionAccessPointResult {
        try await self.client.execute(
            operation: "GetMultiRegionAccessPoint", 
            path: "/v20180820/mrap/instances/{Name+}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns configuration information about the specified Multi-Region Access Point. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to GetMultiRegionAccessPoint:    CreateMultiRegionAccessPoint     DeleteMultiRegionAccessPoint     DescribeMultiRegionAccessPointOperation     ListMultiRegionAccessPoints
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - name: The name of the Multi-Region Access Point whose configuration information you want to receive. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Rules for naming Amazon S3 Multi-Region Access Points in the Amazon S3 User Guide.
    ///   - logger: Logger use during operation
    @inlinable
    public func getMultiRegionAccessPoint(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetMultiRegionAccessPointResult {
        let input = GetMultiRegionAccessPointRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getMultiRegionAccessPoint(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns the access control policy of the specified Multi-Region Access Point. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to GetMultiRegionAccessPointPolicy:    GetMultiRegionAccessPointPolicyStatus     PutMultiRegionAccessPointPolicy
    @Sendable
    @inlinable
    public func getMultiRegionAccessPointPolicy(_ input: GetMultiRegionAccessPointPolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetMultiRegionAccessPointPolicyResult {
        try await self.client.execute(
            operation: "GetMultiRegionAccessPointPolicy", 
            path: "/v20180820/mrap/instances/{Name+}/policy", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns the access control policy of the specified Multi-Region Access Point. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to GetMultiRegionAccessPointPolicy:    GetMultiRegionAccessPointPolicyStatus     PutMultiRegionAccessPointPolicy
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - name: Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Rules for naming Amazon S3 Multi-Region Access Points in the Amazon S3 User Guide.
    ///   - logger: Logger use during operation
    @inlinable
    public func getMultiRegionAccessPointPolicy(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetMultiRegionAccessPointPolicyResult {
        let input = GetMultiRegionAccessPointPolicyRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getMultiRegionAccessPointPolicy(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Indicates whether the specified Multi-Region Access Point has an access control policy that allows public access. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to GetMultiRegionAccessPointPolicyStatus:    GetMultiRegionAccessPointPolicy     PutMultiRegionAccessPointPolicy
    @Sendable
    @inlinable
    public func getMultiRegionAccessPointPolicyStatus(_ input: GetMultiRegionAccessPointPolicyStatusRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetMultiRegionAccessPointPolicyStatusResult {
        try await self.client.execute(
            operation: "GetMultiRegionAccessPointPolicyStatus", 
            path: "/v20180820/mrap/instances/{Name+}/policystatus", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Indicates whether the specified Multi-Region Access Point has an access control policy that allows public access. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to GetMultiRegionAccessPointPolicyStatus:    GetMultiRegionAccessPointPolicy     PutMultiRegionAccessPointPolicy
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - name: Specifies the Multi-Region Access Point. The name of the Multi-Region Access Point is different from the alias. For more information about the distinction between the name and the alias of an Multi-Region Access Point, see Rules for naming Amazon S3 Multi-Region Access Points in the Amazon S3 User Guide.
    ///   - logger: Logger use during operation
    @inlinable
    public func getMultiRegionAccessPointPolicyStatus(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetMultiRegionAccessPointPolicyStatusResult {
        let input = GetMultiRegionAccessPointPolicyStatusRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getMultiRegionAccessPointPolicyStatus(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns the routing configuration for a Multi-Region Access Point, indicating which Regions are active or passive. To obtain routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five Amazon Web Services Regions:    us-east-1     us-west-2     ap-southeast-2     ap-northeast-1     eu-west-1
    @Sendable
    @inlinable
    public func getMultiRegionAccessPointRoutes(_ input: GetMultiRegionAccessPointRoutesRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetMultiRegionAccessPointRoutesResult {
        try await self.client.execute(
            operation: "GetMultiRegionAccessPointRoutes", 
            path: "/v20180820/mrap/instances/{Mrap+}/routes", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns the routing configuration for a Multi-Region Access Point, indicating which Regions are active or passive. To obtain routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five Amazon Web Services Regions:    us-east-1     us-west-2     ap-southeast-2     ap-northeast-1     eu-west-1
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - mrap: The Multi-Region Access Point ARN.
    ///   - logger: Logger use during operation
    @inlinable
    public func getMultiRegionAccessPointRoutes(
        accountId: String,
        mrap: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetMultiRegionAccessPointRoutesResult {
        let input = GetMultiRegionAccessPointRoutesRequest(
            accountId: accountId, 
            mrap: mrap
        )
        return try await self.getMultiRegionAccessPointRoutes(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Retrieves the PublicAccessBlock configuration for an Amazon Web Services account. For more information, see  Using Amazon S3 block public access. Related actions include:    DeletePublicAccessBlock     PutPublicAccessBlock
    @Sendable
    @inlinable
    public func getPublicAccessBlock(_ input: GetPublicAccessBlockRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetPublicAccessBlockOutput {
        try await self.client.execute(
            operation: "GetPublicAccessBlock", 
            path: "/v20180820/configuration/publicAccessBlock", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Retrieves the PublicAccessBlock configuration for an Amazon Web Services account. For more information, see  Using Amazon S3 block public access. Related actions include:    DeletePublicAccessBlock     PutPublicAccessBlock
    ///
    /// Parameters:
    ///   - accountId: The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to retrieve.
    ///   - logger: Logger use during operation
    @inlinable
    public func getPublicAccessBlock(
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetPublicAccessBlockOutput {
        let input = GetPublicAccessBlockRequest(
            accountId: accountId
        )
        return try await self.getPublicAccessBlock(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Gets the Amazon S3 Storage Lens configuration. For more information, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:GetStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    @Sendable
    @inlinable
    public func getStorageLensConfiguration(_ input: GetStorageLensConfigurationRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetStorageLensConfigurationResult {
        try await self.client.execute(
            operation: "GetStorageLensConfiguration", 
            path: "/v20180820/storagelens/{ConfigId}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Gets the Amazon S3 Storage Lens configuration. For more information, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:GetStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    ///
    /// Parameters:
    ///   - accountId: The account ID of the requester.
    ///   - configId: The ID of the Amazon S3 Storage Lens configuration.
    ///   - logger: Logger use during operation
    @inlinable
    public func getStorageLensConfiguration(
        accountId: String,
        configId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetStorageLensConfigurationResult {
        let input = GetStorageLensConfigurationRequest(
            accountId: accountId, 
            configId: configId
        )
        return try await self.getStorageLensConfiguration(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Gets the tags of Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:GetStorageLensConfigurationTagging action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    @Sendable
    @inlinable
    public func getStorageLensConfigurationTagging(_ input: GetStorageLensConfigurationTaggingRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetStorageLensConfigurationTaggingResult {
        try await self.client.execute(
            operation: "GetStorageLensConfigurationTagging", 
            path: "/v20180820/storagelens/{ConfigId}/tagging", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Gets the tags of Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:GetStorageLensConfigurationTagging action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    ///
    /// Parameters:
    ///   - accountId: The account ID of the requester.
    ///   - configId: The ID of the Amazon S3 Storage Lens configuration.
    ///   - logger: Logger use during operation
    @inlinable
    public func getStorageLensConfigurationTagging(
        accountId: String,
        configId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetStorageLensConfigurationTaggingResult {
        let input = GetStorageLensConfigurationTaggingRequest(
            accountId: accountId, 
            configId: configId
        )
        return try await self.getStorageLensConfigurationTagging(input, logger: logger)
    }

    /// Retrieves the Storage Lens group configuration details. To use this operation, you must have the permission to perform the s3:GetStorageLensGroup action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    @Sendable
    @inlinable
    public func getStorageLensGroup(_ input: GetStorageLensGroupRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> GetStorageLensGroupResult {
        try await self.client.execute(
            operation: "GetStorageLensGroup", 
            path: "/v20180820/storagelensgroup/{Name}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Retrieves the Storage Lens group configuration details. To use this operation, you must have the permission to perform the s3:GetStorageLensGroup action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID associated with the Storage Lens group that you're trying to retrieve the details for.
    ///   - name: The name of the Storage Lens group that you're trying to retrieve the configuration details for.
    ///   - logger: Logger use during operation
    @inlinable
    public func getStorageLensGroup(
        accountId: String,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> GetStorageLensGroupResult {
        let input = GetStorageLensGroupRequest(
            accountId: accountId, 
            name: name
        )
        return try await self.getStorageLensGroup(input, logger: logger)
    }

    /// Returns the list of access grants in your S3 Access Grants instance.  Permissions  You must have the s3:ListAccessGrants permission to use this operation.
    @Sendable
    @inlinable
    public func listAccessGrants(_ input: ListAccessGrantsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListAccessGrantsResult {
        try await self.client.execute(
            operation: "ListAccessGrants", 
            path: "/v20180820/accessgrantsinstance/grants", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Returns the list of access grants in your S3 Access Grants instance.  Permissions  You must have the s3:ListAccessGrants permission to use this operation.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - applicationArn: The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.
    ///   - granteeIdentifier: The unique identifer of the Grantee. If the grantee type is IAM, the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format a1b2c3d4-5678-90ab-cdef-EXAMPLE11111. You can obtain this UUID from your Amazon Web Services IAM Identity Center instance.
    ///   - granteeType: The type of the grantee to which access has been granted. It can be one of the following values:    IAM - An IAM user or role.    DIRECTORY_USER - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.    DIRECTORY_GROUP - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.
    ///   - grantScope: The S3 path of the data to which you are granting access. It is the result of appending the Subprefix to the location scope.
    ///   - maxResults: The maximum number of access grants that you would like returned in the List Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
    ///   - nextToken: A pagination token to request the next page of results. Pass this value into a subsequent List Access Grants request in order to retrieve the next page of results.
    ///   - permission: The type of permission granted to your S3 data, which can be set to one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
    ///   - logger: Logger use during operation
    @inlinable
    public func listAccessGrants(
        accountId: String,
        applicationArn: String? = nil,
        granteeIdentifier: String? = nil,
        granteeType: GranteeType? = nil,
        grantScope: String? = nil,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        permission: Permission? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListAccessGrantsResult {
        let input = ListAccessGrantsRequest(
            accountId: accountId, 
            applicationArn: applicationArn, 
            granteeIdentifier: granteeIdentifier, 
            granteeType: granteeType, 
            grantScope: grantScope, 
            maxResults: maxResults, 
            nextToken: nextToken, 
            permission: permission
        )
        return try await self.listAccessGrants(input, logger: logger)
    }

    /// Returns a list of S3 Access Grants instances. An S3 Access Grants instance serves as a logical grouping for your individual access grants. You can only have one S3 Access Grants instance per Region per account.  Permissions  You must have the s3:ListAccessGrantsInstances permission to use this operation.
    @Sendable
    @inlinable
    public func listAccessGrantsInstances(_ input: ListAccessGrantsInstancesRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListAccessGrantsInstancesResult {
        try await self.client.execute(
            operation: "ListAccessGrantsInstances", 
            path: "/v20180820/accessgrantsinstances", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Returns a list of S3 Access Grants instances. An S3 Access Grants instance serves as a logical grouping for your individual access grants. You can only have one S3 Access Grants instance per Region per account.  Permissions  You must have the s3:ListAccessGrantsInstances permission to use this operation.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - maxResults: The maximum number of access grants that you would like returned in the List Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
    ///   - nextToken: A pagination token to request the next page of results. Pass this value into a subsequent List Access Grants Instances request in order to retrieve the next page of results.
    ///   - logger: Logger use during operation
    @inlinable
    public func listAccessGrantsInstances(
        accountId: String,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListAccessGrantsInstancesResult {
        let input = ListAccessGrantsInstancesRequest(
            accountId: accountId, 
            maxResults: maxResults, 
            nextToken: nextToken
        )
        return try await self.listAccessGrantsInstances(input, logger: logger)
    }

    /// Returns a list of the locations registered in your S3 Access Grants instance.  Permissions  You must have the s3:ListAccessGrantsLocations permission to use this operation.
    @Sendable
    @inlinable
    public func listAccessGrantsLocations(_ input: ListAccessGrantsLocationsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListAccessGrantsLocationsResult {
        try await self.client.execute(
            operation: "ListAccessGrantsLocations", 
            path: "/v20180820/accessgrantsinstance/locations", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Returns a list of the locations registered in your S3 Access Grants instance.  Permissions  You must have the s3:ListAccessGrantsLocations permission to use this operation.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - locationScope: The S3 path to the location that you are registering. The location scope can be the default S3 location s3://, the S3 path to a bucket s3://, or the S3 path to a bucket and prefix s3:///. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the engineering/ prefix or object key names that start with the marketing/campaigns/ prefix.
    ///   - maxResults: The maximum number of access grants that you would like returned in the List Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
    ///   - nextToken: A pagination token to request the next page of results. Pass this value into a subsequent List Access Grants Locations request in order to retrieve the next page of results.
    ///   - logger: Logger use during operation
    @inlinable
    public func listAccessGrantsLocations(
        accountId: String,
        locationScope: String? = nil,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListAccessGrantsLocationsResult {
        let input = ListAccessGrantsLocationsRequest(
            accountId: accountId, 
            locationScope: locationScope, 
            maxResults: maxResults, 
            nextToken: nextToken
        )
        return try await self.listAccessGrantsLocations(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns a list of the access points. You can retrieve up to 1,000 access points per call. If the call returns more than 1,000 access points (or the number specified in maxResults, whichever is less), the response will include a continuation token that you can use to list the additional access points. Returns only access points attached to S3 buckets by default. To return all access points specify DataSourceType as ALL.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to ListAccessPoints:    CreateAccessPoint     DeleteAccessPoint     GetAccessPoint
    @Sendable
    @inlinable
    public func listAccessPoints(_ input: ListAccessPointsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListAccessPointsResult {
        try await self.client.execute(
            operation: "ListAccessPoints", 
            path: "/v20180820/accesspoint", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns a list of the access points. You can retrieve up to 1,000 access points per call. If the call returns more than 1,000 access points (or the number specified in maxResults, whichever is less), the response will include a continuation token that you can use to list the additional access points. Returns only access points attached to S3 buckets by default. To return all access points specify DataSourceType as ALL.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to ListAccessPoints:    CreateAccessPoint     DeleteAccessPoint     GetAccessPoint
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the account that owns the specified access points.
    ///   - bucket: The name of the bucket whose associated access points you want to list. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - dataSourceId: The unique identifier for the data source of the access point.
    ///   - dataSourceType: The type of the data source that the access point is attached to. Returns only access points attached to S3 buckets by default. To return all access points specify DataSourceType as ALL.
    ///   - maxResults: The maximum number of access points that you want to include in the list. If the specified bucket has more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.
    ///   - nextToken: A continuation token. If a previous call to ListAccessPoints returned a continuation token in the NextToken field, then providing that value here causes Amazon S3 to retrieve the next page of results.
    ///   - logger: Logger use during operation
    @inlinable
    public func listAccessPoints(
        accountId: String,
        bucket: String? = nil,
        dataSourceId: String? = nil,
        dataSourceType: String? = nil,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListAccessPointsResult {
        let input = ListAccessPointsRequest(
            accountId: accountId, 
            bucket: bucket, 
            dataSourceId: dataSourceId, 
            dataSourceType: dataSourceType, 
            maxResults: maxResults, 
            nextToken: nextToken
        )
        return try await self.listAccessPoints(input, logger: logger)
    }

    /// Returns a list of the access points that are owned by the Amazon Web Services account and that are associated with the specified directory bucket. To list access points for general purpose buckets, see ListAccesspoints. To use this operation, you must have the permission to perform the s3express:ListAccessPointsForDirectoryBuckets action. For information about REST API errors, see REST error responses.
    @Sendable
    @inlinable
    public func listAccessPointsForDirectoryBuckets(_ input: ListAccessPointsForDirectoryBucketsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListAccessPointsForDirectoryBucketsResult {
        try await self.client.execute(
            operation: "ListAccessPointsForDirectoryBuckets", 
            path: "/v20180820/accesspointfordirectory", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            logger: logger
        )
    }
    /// Returns a list of the access points that are owned by the Amazon Web Services account and that are associated with the specified directory bucket. To list access points for general purpose buckets, see ListAccesspoints. To use this operation, you must have the permission to perform the s3express:ListAccessPointsForDirectoryBuckets action. For information about REST API errors, see REST error responses.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID that owns the access points.
    ///   - directoryBucket: The name of the directory bucket associated with the access points you want to list.
    ///   - maxResults: The maximum number of access points that you would like returned in the ListAccessPointsForDirectoryBuckets response. If the directory bucket is associated with more than this number of access points, the results include the pagination token NextToken. Make another call using the NextToken to retrieve more results.
    ///   - nextToken:  If NextToken is returned, there are more access points available than requested in the maxResults value. The value of NextToken is a unique pagination token for each page. Make the call again using the returned token to retrieve the next page. Keep all other arguments unchanged. Each pagination token expires after 24 hours.
    ///   - logger: Logger use during operation
    @inlinable
    public func listAccessPointsForDirectoryBuckets(
        accountId: String,
        directoryBucket: String? = nil,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListAccessPointsForDirectoryBucketsResult {
        let input = ListAccessPointsForDirectoryBucketsRequest(
            accountId: accountId, 
            directoryBucket: directoryBucket, 
            maxResults: maxResults, 
            nextToken: nextToken
        )
        return try await self.listAccessPointsForDirectoryBuckets(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns some or all (up to 1,000) access points associated with the Object Lambda Access Point per call. If there are more access points than what can be returned in one call, the response will include a continuation token that you can use to list the additional access points. The following actions are related to ListAccessPointsForObjectLambda:    CreateAccessPointForObjectLambda     DeleteAccessPointForObjectLambda     GetAccessPointForObjectLambda
    @Sendable
    @inlinable
    public func listAccessPointsForObjectLambda(_ input: ListAccessPointsForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListAccessPointsForObjectLambdaResult {
        try await self.client.execute(
            operation: "ListAccessPointsForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns some or all (up to 1,000) access points associated with the Object Lambda Access Point per call. If there are more access points than what can be returned in one call, the response will include a continuation token that you can use to list the additional access points. The following actions are related to ListAccessPointsForObjectLambda:    CreateAccessPointForObjectLambda     DeleteAccessPointForObjectLambda     GetAccessPointForObjectLambda
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - maxResults: The maximum number of access points that you want to include in the list. The response may contain fewer access points but will never contain more. If there are more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.
    ///   - nextToken: If the list has more access points than can be returned in one call to this API, this field contains a continuation token that you can provide in subsequent calls to this API to retrieve additional access points.
    ///   - logger: Logger use during operation
    @inlinable
    public func listAccessPointsForObjectLambda(
        accountId: String,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListAccessPointsForObjectLambdaResult {
        let input = ListAccessPointsForObjectLambdaRequest(
            accountId: accountId, 
            maxResults: maxResults, 
            nextToken: nextToken
        )
        return try await self.listAccessPointsForObjectLambda(input, logger: logger)
    }

    /// Use this API to list the access grants that grant the caller access to Amazon S3 data through S3 Access Grants. The caller (grantee) can be an Identity and Access Management (IAM) identity or Amazon Web Services Identity Center corporate directory identity. You must pass the Amazon Web Services account of the S3 data owner (grantor) in the request. You can, optionally, narrow the results by GrantScope, using a fragment of the data's S3 path, and S3 Access Grants will return only the grants with a path that contains the path fragment. You can also pass the AllowedByApplication filter in the request, which returns only the grants authorized for applications, whether the application is the caller's Identity Center application or any other application (ALL). For more information, see List the caller's access grants in the Amazon S3 User Guide.  Permissions  You must have the s3:ListCallerAccessGrants permission to use this operation.
    @Sendable
    @inlinable
    public func listCallerAccessGrants(_ input: ListCallerAccessGrantsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListCallerAccessGrantsResult {
        try await self.client.execute(
            operation: "ListCallerAccessGrants", 
            path: "/v20180820/accessgrantsinstance/caller/grants", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Use this API to list the access grants that grant the caller access to Amazon S3 data through S3 Access Grants. The caller (grantee) can be an Identity and Access Management (IAM) identity or Amazon Web Services Identity Center corporate directory identity. You must pass the Amazon Web Services account of the S3 data owner (grantor) in the request. You can, optionally, narrow the results by GrantScope, using a fragment of the data's S3 path, and S3 Access Grants will return only the grants with a path that contains the path fragment. You can also pass the AllowedByApplication filter in the request, which returns only the grants authorized for applications, whether the application is the caller's Identity Center application or any other application (ALL). For more information, see List the caller's access grants in the Amazon S3 User Guide.  Permissions  You must have the s3:ListCallerAccessGrants permission to use this operation.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - allowedByApplication: If this optional parameter is passed in the request, a filter is applied to the results. The results will include only the access grants for the caller's Identity Center application or for any other applications (ALL).
    ///   - grantScope: The S3 path of the data that you would like to access. Must start with s3://. You can optionally pass only the beginning characters of a path, and S3 Access Grants will search for all applicable grants for the path fragment.
    ///   - maxResults: The maximum number of access grants that you would like returned in the List Caller Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
    ///   - nextToken: A pagination token to request the next page of results. Pass this value into a subsequent List Caller Access Grants request in order to retrieve the next page of results.
    ///   - logger: Logger use during operation
    @inlinable
    public func listCallerAccessGrants(
        accountId: String,
        allowedByApplication: Bool? = nil,
        grantScope: String? = nil,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListCallerAccessGrantsResult {
        let input = ListCallerAccessGrantsRequest(
            accountId: accountId, 
            allowedByApplication: allowedByApplication, 
            grantScope: grantScope, 
            maxResults: maxResults, 
            nextToken: nextToken
        )
        return try await self.listCallerAccessGrants(input, logger: logger)
    }

    /// Lists current S3 Batch Operations jobs as well as the jobs that have ended within the last 90 days for the Amazon Web Services account making the request. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  To use the ListJobs operation, you must have permission to perform the s3:ListJobs action.   Related actions include:     CreateJob     DescribeJob     UpdateJobPriority     UpdateJobStatus
    @Sendable
    @inlinable
    public func listJobs(_ input: ListJobsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListJobsResult {
        try await self.client.execute(
            operation: "ListJobs", 
            path: "/v20180820/jobs", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Lists current S3 Batch Operations jobs as well as the jobs that have ended within the last 90 days for the Amazon Web Services account making the request. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  To use the ListJobs operation, you must have permission to perform the s3:ListJobs action.   Related actions include:     CreateJob     DescribeJob     UpdateJobPriority     UpdateJobStatus
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID associated with the S3 Batch Operations job.
    ///   - jobStatuses: The List Jobs request returns jobs that match the statuses listed in this element.
    ///   - maxResults: The maximum number of jobs that Amazon S3 will include in the List Jobs response. If there are more jobs than this number, the response will include a pagination token in the NextToken field to enable you to retrieve the next page of results.
    ///   - nextToken: A pagination token to request the next page of results. Use the token that Amazon S3 returned in the NextToken element of the ListJobsResult from the previous List Jobs request.
    ///   - logger: Logger use during operation
    @inlinable
    public func listJobs(
        accountId: String,
        jobStatuses: [JobStatus]? = nil,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListJobsResult {
        let input = ListJobsRequest(
            accountId: accountId, 
            jobStatuses: jobStatuses, 
            maxResults: maxResults, 
            nextToken: nextToken
        )
        return try await self.listJobs(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns a list of the Multi-Region Access Points currently associated with the specified Amazon Web Services account. Each call can return up to 100 Multi-Region Access Points, the maximum number of Multi-Region Access Points that can be associated with a single account. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to ListMultiRegionAccessPoint:    CreateMultiRegionAccessPoint     DeleteMultiRegionAccessPoint     DescribeMultiRegionAccessPointOperation     GetMultiRegionAccessPoint
    @Sendable
    @inlinable
    public func listMultiRegionAccessPoints(_ input: ListMultiRegionAccessPointsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListMultiRegionAccessPointsResult {
        try await self.client.execute(
            operation: "ListMultiRegionAccessPoints", 
            path: "/v20180820/mrap/instances", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns a list of the Multi-Region Access Points currently associated with the specified Amazon Web Services account. Each call can return up to 100 Multi-Region Access Points, the maximum number of Multi-Region Access Points that can be associated with a single account. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to ListMultiRegionAccessPoint:    CreateMultiRegionAccessPoint     DeleteMultiRegionAccessPoint     DescribeMultiRegionAccessPointOperation     GetMultiRegionAccessPoint
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - maxResults: Not currently used. Do not use this parameter.
    ///   - nextToken: Not currently used. Do not use this parameter.
    ///   - logger: Logger use during operation
    @inlinable
    public func listMultiRegionAccessPoints(
        accountId: String,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListMultiRegionAccessPointsResult {
        let input = ListMultiRegionAccessPointsRequest(
            accountId: accountId, 
            maxResults: maxResults, 
            nextToken: nextToken
        )
        return try await self.listMultiRegionAccessPoints(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Returns a list of all Outposts buckets in an Outpost that are owned by the authenticated sender of the request. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and x-amz-outpost-id in your request, see the Examples section.
    @Sendable
    @inlinable
    public func listRegionalBuckets(_ input: ListRegionalBucketsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListRegionalBucketsResult {
        try await self.client.execute(
            operation: "ListRegionalBuckets", 
            path: "/v20180820/bucket", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Returns a list of all Outposts buckets in an Outpost that are owned by the authenticated sender of the request. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and x-amz-outpost-id in your request, see the Examples section.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - maxResults: 
    ///   - nextToken: 
    ///   - outpostId: The ID of the Outposts resource.  This ID is required by Amazon S3 on Outposts buckets.
    ///   - logger: Logger use during operation
    @inlinable
    public func listRegionalBuckets(
        accountId: String,
        maxResults: Int? = nil,
        nextToken: String? = nil,
        outpostId: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListRegionalBucketsResult {
        let input = ListRegionalBucketsRequest(
            accountId: accountId, 
            maxResults: maxResults, 
            nextToken: nextToken, 
            outpostId: outpostId
        )
        return try await self.listRegionalBuckets(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Gets a list of Amazon S3 Storage Lens configurations. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:ListStorageLensConfigurations action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    @Sendable
    @inlinable
    public func listStorageLensConfigurations(_ input: ListStorageLensConfigurationsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListStorageLensConfigurationsResult {
        try await self.client.execute(
            operation: "ListStorageLensConfigurations", 
            path: "/v20180820/storagelens", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Gets a list of Amazon S3 Storage Lens configurations. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:ListStorageLensConfigurations action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    ///
    /// Parameters:
    ///   - accountId: The account ID of the requester.
    ///   - nextToken: A pagination token to request the next page of results.
    ///   - logger: Logger use during operation
    @inlinable
    public func listStorageLensConfigurations(
        accountId: String,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListStorageLensConfigurationsResult {
        let input = ListStorageLensConfigurationsRequest(
            accountId: accountId, 
            nextToken: nextToken
        )
        return try await self.listStorageLensConfigurations(input, logger: logger)
    }

    /// Lists all the Storage Lens groups in the specified home Region.
    ///  To use this operation, you must have the permission to perform the s3:ListStorageLensGroups action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    @Sendable
    @inlinable
    public func listStorageLensGroups(_ input: ListStorageLensGroupsRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListStorageLensGroupsResult {
        try await self.client.execute(
            operation: "ListStorageLensGroups", 
            path: "/v20180820/storagelensgroup", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Lists all the Storage Lens groups in the specified home Region.
    ///  To use this operation, you must have the permission to perform the s3:ListStorageLensGroups action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    ///
    /// Parameters:
    ///   - accountId:  The Amazon Web Services account ID that owns the Storage Lens groups.
    ///   - nextToken: The token for the next set of results, or null if there are no more results.
    ///   - logger: Logger use during operation
    @inlinable
    public func listStorageLensGroups(
        accountId: String,
        nextToken: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListStorageLensGroupsResult {
        let input = ListStorageLensGroupsRequest(
            accountId: accountId, 
            nextToken: nextToken
        )
        return try await self.listStorageLensGroups(input, logger: logger)
    }

    /// This operation allows you to list all of the tags for a specified resource. Each tag is a label consisting of a key and value. Tags can help you organize, track costs for, and control access to resources.   This operation is only supported for the following Amazon S3 resources:    Directory buckets     Storage Lens groups     S3 Access Grants instances, registered locations, and grants.     Permissions  For Storage Lens groups and S3 Access Grants, you must have the s3:ListTagsForResource permission to use this operation.  For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups.  Directory bucket permissions  For directory buckets, you must have the s3express:ListTagsForResource permission to use this operation. For more information about directory buckets policies and permissions, see Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.  HTTP Host header syntax   Directory buckets  - The HTTP Host header syntax is s3express-control.region.amazonaws.com.   For information about S3 Tagging errors, see List of Amazon S3 Tagging error codes.
    @Sendable
    @inlinable
    public func listTagsForResource(_ input: ListTagsForResourceRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> ListTagsForResourceResult {
        try await self.client.execute(
            operation: "ListTagsForResource", 
            path: "/v20180820/tags/{ResourceArn+}", 
            httpMethod: .GET, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// This operation allows you to list all of the tags for a specified resource. Each tag is a label consisting of a key and value. Tags can help you organize, track costs for, and control access to resources.   This operation is only supported for the following Amazon S3 resources:    Directory buckets     Storage Lens groups     S3 Access Grants instances, registered locations, and grants.     Permissions  For Storage Lens groups and S3 Access Grants, you must have the s3:ListTagsForResource permission to use this operation.  For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups.  Directory bucket permissions  For directory buckets, you must have the s3express:ListTagsForResource permission to use this operation. For more information about directory buckets policies and permissions, see Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.  HTTP Host header syntax   Directory buckets  - The HTTP Host header syntax is s3express-control.region.amazonaws.com.   For information about S3 Tagging errors, see List of Amazon S3 Tagging error codes.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the resource owner.
    ///   - resourceArn: The Amazon Resource Name (ARN) of the S3 resource that you want to list tags for. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.
    ///   - logger: Logger use during operation
    @inlinable
    public func listTagsForResource(
        accountId: String,
        resourceArn: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> ListTagsForResourceResult {
        let input = ListTagsForResourceRequest(
            accountId: accountId, 
            resourceArn: resourceArn
        )
        return try await self.listTagsForResource(input, logger: logger)
    }

    /// Updates the resource policy of the S3 Access Grants instance.   Permissions  You must have the s3:PutAccessGrantsInstanceResourcePolicy permission to use this operation.
    @Sendable
    @inlinable
    public func putAccessGrantsInstanceResourcePolicy(_ input: PutAccessGrantsInstanceResourcePolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> PutAccessGrantsInstanceResourcePolicyResult {
        try await self.client.execute(
            operation: "PutAccessGrantsInstanceResourcePolicy", 
            path: "/v20180820/accessgrantsinstance/resourcepolicy", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Updates the resource policy of the S3 Access Grants instance.   Permissions  You must have the s3:PutAccessGrantsInstanceResourcePolicy permission to use this operation.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - organization: The Organization of the resource policy of the S3 Access Grants instance.
    ///   - policy: The resource policy of the S3 Access Grants instance that you are updating.
    ///   - logger: Logger use during operation
    @inlinable
    public func putAccessGrantsInstanceResourcePolicy(
        accountId: String,
        organization: String? = nil,
        policy: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> PutAccessGrantsInstanceResourcePolicyResult {
        let input = PutAccessGrantsInstanceResourcePolicyRequest(
            accountId: accountId, 
            organization: organization, 
            policy: policy
        )
        return try await self.putAccessGrantsInstanceResourcePolicy(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Replaces configuration for an Object Lambda Access Point. The following actions are related to PutAccessPointConfigurationForObjectLambda:    GetAccessPointConfigurationForObjectLambda
    @Sendable
    @inlinable
    public func putAccessPointConfigurationForObjectLambda(_ input: PutAccessPointConfigurationForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutAccessPointConfigurationForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda/{Name}/configuration", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Replaces configuration for an Object Lambda Access Point. The following actions are related to PutAccessPointConfigurationForObjectLambda:    GetAccessPointConfigurationForObjectLambda
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - configuration: Object Lambda Access Point configuration document.
    ///   - name: The name of the Object Lambda Access Point.
    ///   - logger: Logger use during operation
    @inlinable
    public func putAccessPointConfigurationForObjectLambda(
        accountId: String,
        configuration: ObjectLambdaConfiguration,
        name: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutAccessPointConfigurationForObjectLambdaRequest(
            accountId: accountId, 
            configuration: configuration, 
            name: name
        )
        return try await self.putAccessPointConfigurationForObjectLambda(input, logger: logger)
    }

    /// Associates an access policy with the specified access point. Each access point can have only one policy, so a request made to this API replaces any existing policy associated with the specified access point.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to PutAccessPointPolicy:    GetAccessPointPolicy     DeleteAccessPointPolicy
    @Sendable
    @inlinable
    public func putAccessPointPolicy(_ input: PutAccessPointPolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutAccessPointPolicy", 
            path: "/v20180820/accesspoint/{Name}/policy", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Associates an access policy with the specified access point. Each access point can have only one policy, so a request made to this API replaces any existing policy associated with the specified access point.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to PutAccessPointPolicy:    GetAccessPointPolicy     DeleteAccessPointPolicy
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for owner of the bucket associated with the specified access point.
    ///   - name: The name of the access point that you want to associate with the specified policy. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the access point accessed in the format arn:aws:s3-outposts:::outpost//accesspoint/. For example, to access the access point reports-ap through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/accesspoint/reports-ap. The value must be URL encoded.
    ///   - policy: The policy that you want to apply to the specified access point. For more information about access point policies, see Managing data access with Amazon S3 access points or Managing access to shared datasets in directory buckets with access points in the Amazon S3 User Guide.
    ///   - logger: Logger use during operation
    @inlinable
    public func putAccessPointPolicy(
        accountId: String,
        name: String,
        policy: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutAccessPointPolicyRequest(
            accountId: accountId, 
            name: name, 
            policy: policy
        )
        return try await self.putAccessPointPolicy(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Creates or replaces resource policy for an Object Lambda Access Point. For an example policy, see Creating Object Lambda Access Points in the Amazon S3 User Guide. The following actions are related to PutAccessPointPolicyForObjectLambda:    DeleteAccessPointPolicyForObjectLambda     GetAccessPointPolicyForObjectLambda
    @Sendable
    @inlinable
    public func putAccessPointPolicyForObjectLambda(_ input: PutAccessPointPolicyForObjectLambdaRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutAccessPointPolicyForObjectLambda", 
            path: "/v20180820/accesspointforobjectlambda/{Name}/policy", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Creates or replaces resource policy for an Object Lambda Access Point. For an example policy, see Creating Object Lambda Access Points in the Amazon S3 User Guide. The following actions are related to PutAccessPointPolicyForObjectLambda:    DeleteAccessPointPolicyForObjectLambda     GetAccessPointPolicyForObjectLambda
    ///
    /// Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - name: The name of the Object Lambda Access Point.
    ///   - policy: Object Lambda Access Point resource policy document.
    ///   - logger: Logger use during operation
    @inlinable
    public func putAccessPointPolicyForObjectLambda(
        accountId: String,
        name: String,
        policy: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutAccessPointPolicyForObjectLambdaRequest(
            accountId: accountId, 
            name: name, 
            policy: policy
        )
        return try await self.putAccessPointPolicyForObjectLambda(input, logger: logger)
    }

    /// Creates or replaces the access point scope for a directory bucket. You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.  You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.  To use this operation, you must have the permission to perform the s3express:PutAccessPointScope action. For information about REST API errors, see REST error responses.
    @Sendable
    @inlinable
    public func putAccessPointScope(_ input: PutAccessPointScopeRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutAccessPointScope", 
            path: "/v20180820/accesspoint/{Name}/scope", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            logger: logger
        )
    }
    /// Creates or replaces the access point scope for a directory bucket. You can use the access point scope to restrict access to specific prefixes, API operations, or a combination of both.  You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size.  To use this operation, you must have the permission to perform the s3express:PutAccessPointScope action. For information about REST API errors, see REST error responses.
    ///
    /// Parameters:
    ///   - accountId:  The Amazon Web Services account ID that owns the access point with scope that you want to create or replace.
    ///   - name: The name of the access point with the scope that you want to create or replace.
    ///   - scope: Object prefixes, API operations, or a combination of both.
    ///   - logger: Logger use during operation
    @inlinable
    public func putAccessPointScope(
        accountId: String,
        name: String,
        scope: Scope,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutAccessPointScopeRequest(
            accountId: accountId, 
            name: name, 
            scope: scope
        )
        return try await self.putAccessPointScope(input, logger: logger)
    }

    ///  This action puts a lifecycle configuration to an Amazon S3 on Outposts bucket. To put a lifecycle configuration to an S3 bucket, see PutBucketLifecycleConfiguration in the Amazon S3 API Reference.   Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to PutBucketLifecycleConfiguration:    GetBucketLifecycleConfiguration     DeleteBucketLifecycleConfiguration
    @Sendable
    @inlinable
    public func putBucketLifecycleConfiguration(_ input: PutBucketLifecycleConfigurationRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutBucketLifecycleConfiguration", 
            path: "/v20180820/bucket/{Bucket}/lifecycleconfiguration", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action puts a lifecycle configuration to an Amazon S3 on Outposts bucket. To put a lifecycle configuration to an S3 bucket, see PutBucketLifecycleConfiguration in the Amazon S3 API Reference.   Creates a new lifecycle configuration for the S3 on Outposts bucket or replaces an existing lifecycle configuration. Outposts buckets only support lifecycle configurations that delete/expire objects after a certain period of time and abort incomplete multipart uploads.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to PutBucketLifecycleConfiguration:    GetBucketLifecycleConfiguration     DeleteBucketLifecycleConfiguration
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - bucket: The name of the bucket for which to set the configuration.
    ///   - lifecycleConfiguration: Container for lifecycle rules. You can add as many as 1,000 rules.
    ///   - logger: Logger use during operation
    @inlinable
    public func putBucketLifecycleConfiguration(
        accountId: String,
        bucket: String,
        lifecycleConfiguration: LifecycleConfiguration? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutBucketLifecycleConfigurationRequest(
            accountId: accountId, 
            bucket: bucket, 
            lifecycleConfiguration: lifecycleConfiguration
        )
        return try await self.putBucketLifecycleConfiguration(input, logger: logger)
    }

    ///  This action puts a bucket policy to an Amazon S3 on Outposts bucket. To put a policy on an S3 bucket, see PutBucketPolicy in the Amazon S3 API Reference.   Applies an Amazon S3 bucket policy to an Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. If you are using an identity other than the root user of the Amazon Web Services account that owns the Outposts bucket, the calling identity must have the PutBucketPolicy permissions on the specified Outposts bucket and belong to the bucket owner's account in order to use this action. If you don't have PutBucketPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed error.  As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.   For more information about bucket policies, see Using Bucket Policies and User Policies. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to PutBucketPolicy:    GetBucketPolicy     DeleteBucketPolicy
    @Sendable
    @inlinable
    public func putBucketPolicy(_ input: PutBucketPolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutBucketPolicy", 
            path: "/v20180820/bucket/{Bucket}/policy", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action puts a bucket policy to an Amazon S3 on Outposts bucket. To put a policy on an S3 bucket, see PutBucketPolicy in the Amazon S3 API Reference.   Applies an Amazon S3 bucket policy to an Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. If you are using an identity other than the root user of the Amazon Web Services account that owns the Outposts bucket, the calling identity must have the PutBucketPolicy permissions on the specified Outposts bucket and belong to the bucket owner's account in order to use this action. If you don't have PutBucketPolicy permissions, Amazon S3 returns a 403 Access Denied error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Amazon S3 returns a 405 Method Not Allowed error.  As a security precaution, the root user of the Amazon Web Services account that owns a bucket can always use this action, even if the policy explicitly denies the root user the ability to perform this action.   For more information about bucket policies, see Using Bucket Policies and User Policies. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to PutBucketPolicy:    GetBucketPolicy     DeleteBucketPolicy
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - bucket: Specifies the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - confirmRemoveSelfBucketAccess: Set this parameter to true to confirm that you want to remove your permissions to change this bucket policy in the future.  This is not supported by Amazon S3 on Outposts buckets.
    ///   - policy: The bucket policy as a JSON document.
    ///   - logger: Logger use during operation
    @inlinable
    public func putBucketPolicy(
        accountId: String,
        bucket: String,
        confirmRemoveSelfBucketAccess: Bool? = nil,
        policy: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutBucketPolicyRequest(
            accountId: accountId, 
            bucket: bucket, 
            confirmRemoveSelfBucketAccess: confirmRemoveSelfBucketAccess, 
            policy: policy
        )
        return try await self.putBucketPolicy(input, logger: logger)
    }

    ///  This action creates an Amazon S3 on Outposts bucket's replication configuration. To create an S3 bucket's replication configuration, see PutBucketReplication in the Amazon S3 API Reference.   Creates a replication configuration or replaces an existing one. For information about S3 replication on Outposts configuration, see Replicating objects for S3 on Outposts in the Amazon S3 User Guide.  It can take a while to propagate PUT or DELETE requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a GET request soon after a PUT or DELETE request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.  Specify the replication configuration in the request body. In the replication configuration, you provide the following information:   The name of the destination bucket or buckets where you want S3 on Outposts to replicate objects   The Identity and Access Management (IAM) role that S3 on Outposts can assume to replicate objects on your behalf   Other relevant information, such as replication rules   A replication configuration must include at least one rule and can contain a maximum of 100. Each rule identifies a subset of objects to replicate by filtering the objects in the source Outposts bucket. To choose additional subsets of objects to replicate, add a rule for each subset. To specify a subset of the objects in the source Outposts bucket to apply a replication rule to, add the Filter element as a child of the Rule element. You can filter objects based on an object key prefix, one or more object tags, or both. When you add the Filter element in the configuration, you must also add the following elements: DeleteMarkerReplication, Status, and Priority. Using PutBucketReplication on Outposts requires that both the source and destination buckets must have versioning enabled. For information about enabling versioning on a bucket, see Managing S3 Versioning for your S3 on Outposts bucket. For information about S3 on Outposts replication failure reasons, see Replication failure reasons in the Amazon S3 User Guide.  Handling Replication of Encrypted Objects  Outposts buckets are encrypted at all times. All the objects in the source Outposts bucket are encrypted and can be replicated. Also, all the replicas in the destination Outposts bucket are encrypted with the same encryption key as the objects in the source Outposts bucket.  Permissions  To create a PutBucketReplication request, you must have s3-outposts:PutReplicationConfiguration permissions for the bucket. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see Setting up IAM with S3 on Outposts and Managing access to S3 on Outposts buckets.   To perform this operation, the user or role must also have the iam:CreateRole and iam:PassRole permissions. For more information, see Granting a user permissions to pass a role to an Amazon Web Services service.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following operations are related to PutBucketReplication:    GetBucketReplication     DeleteBucketReplication
    @Sendable
    @inlinable
    public func putBucketReplication(_ input: PutBucketReplicationRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutBucketReplication", 
            path: "/v20180820/bucket/{Bucket}/replication", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action creates an Amazon S3 on Outposts bucket's replication configuration. To create an S3 bucket's replication configuration, see PutBucketReplication in the Amazon S3 API Reference.   Creates a replication configuration or replaces an existing one. For information about S3 replication on Outposts configuration, see Replicating objects for S3 on Outposts in the Amazon S3 User Guide.  It can take a while to propagate PUT or DELETE requests for a replication configuration to all S3 on Outposts systems. Therefore, the replication configuration that's returned by a GET request soon after a PUT or DELETE request might return a more recent result than what's on the Outpost. If an Outpost is offline, the delay in updating the replication configuration on that Outpost can be significant.  Specify the replication configuration in the request body. In the replication configuration, you provide the following information:   The name of the destination bucket or buckets where you want S3 on Outposts to replicate objects   The Identity and Access Management (IAM) role that S3 on Outposts can assume to replicate objects on your behalf   Other relevant information, such as replication rules   A replication configuration must include at least one rule and can contain a maximum of 100. Each rule identifies a subset of objects to replicate by filtering the objects in the source Outposts bucket. To choose additional subsets of objects to replicate, add a rule for each subset. To specify a subset of the objects in the source Outposts bucket to apply a replication rule to, add the Filter element as a child of the Rule element. You can filter objects based on an object key prefix, one or more object tags, or both. When you add the Filter element in the configuration, you must also add the following elements: DeleteMarkerReplication, Status, and Priority. Using PutBucketReplication on Outposts requires that both the source and destination buckets must have versioning enabled. For information about enabling versioning on a bucket, see Managing S3 Versioning for your S3 on Outposts bucket. For information about S3 on Outposts replication failure reasons, see Replication failure reasons in the Amazon S3 User Guide.  Handling Replication of Encrypted Objects  Outposts buckets are encrypted at all times. All the objects in the source Outposts bucket are encrypted and can be replicated. Also, all the replicas in the destination Outposts bucket are encrypted with the same encryption key as the objects in the source Outposts bucket.  Permissions  To create a PutBucketReplication request, you must have s3-outposts:PutReplicationConfiguration permissions for the bucket. The Outposts bucket owner has this permission by default and can grant it to others. For more information about permissions, see Setting up IAM with S3 on Outposts and Managing access to S3 on Outposts buckets.   To perform this operation, the user or role must also have the iam:CreateRole and iam:PassRole permissions. For more information, see Granting a user permissions to pass a role to an Amazon Web Services service.  All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following operations are related to PutBucketReplication:    GetBucketReplication     DeleteBucketReplication
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - bucket: Specifies the S3 on Outposts bucket to set the configuration for. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - replicationConfiguration: 
    ///   - logger: Logger use during operation
    @inlinable
    public func putBucketReplication(
        accountId: String,
        bucket: String,
        replicationConfiguration: ReplicationConfiguration,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutBucketReplicationRequest(
            accountId: accountId, 
            bucket: bucket, 
            replicationConfiguration: replicationConfiguration
        )
        return try await self.putBucketReplication(input, logger: logger)
    }

    ///  This action puts tags on an Amazon S3 on Outposts bucket. To put tags on an S3 bucket, see PutBucketTagging in the Amazon S3 API Reference.   Sets the tags for an S3 on Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. Use tags to organize your Amazon Web Services bill to reflect your own cost structure. To do this, sign up to get your Amazon Web Services account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see Cost allocation and tagging.  Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see  Using cost allocation in Amazon S3 bucket tags.  To use this action, you must have permissions to perform the s3-outposts:PutBucketTagging action. The Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see  Permissions Related to Bucket Subresource Operations and Managing access permissions to your Amazon S3 resources.  PutBucketTagging has the following special errors:   Error code: InvalidTagError    Description: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation. For information about tag restrictions, see  User-Defined Tag Restrictions and  Amazon Web Services-Generated Cost Allocation Tag Restrictions.     Error code: MalformedXMLError    Description: The XML provided does not match the schema.     Error code: OperationAbortedError     Description: A conflicting conditional action is currently in progress against this resource. Try again.     Error code: InternalError    Description: The service was unable to apply the provided tag to the bucket.     All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to PutBucketTagging:    GetBucketTagging     DeleteBucketTagging
    @Sendable
    @inlinable
    public func putBucketTagging(_ input: PutBucketTaggingRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutBucketTagging", 
            path: "/v20180820/bucket/{Bucket}/tagging", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This action puts tags on an Amazon S3 on Outposts bucket. To put tags on an S3 bucket, see PutBucketTagging in the Amazon S3 API Reference.   Sets the tags for an S3 on Outposts bucket. For more information, see Using Amazon S3 on Outposts in the Amazon S3 User Guide. Use tags to organize your Amazon Web Services bill to reflect your own cost structure. To do this, sign up to get your Amazon Web Services account bill with tag key values included. Then, to see the cost of combined resources, organize your billing information according to resources with the same tag key values. For example, you can tag several resources with a specific application name, and then organize your billing information to see the total cost of that application across several services. For more information, see Cost allocation and tagging.  Within a bucket, if you add a tag that has the same key as an existing tag, the new value overwrites the old value. For more information, see  Using cost allocation in Amazon S3 bucket tags.  To use this action, you must have permissions to perform the s3-outposts:PutBucketTagging action. The Outposts bucket owner has this permission by default and can grant this permission to others. For more information about permissions, see  Permissions Related to Bucket Subresource Operations and Managing access permissions to your Amazon S3 resources.  PutBucketTagging has the following special errors:   Error code: InvalidTagError    Description: The tag provided was not a valid tag. This error can occur if the tag did not pass input validation. For information about tag restrictions, see  User-Defined Tag Restrictions and  Amazon Web Services-Generated Cost Allocation Tag Restrictions.     Error code: MalformedXMLError    Description: The XML provided does not match the schema.     Error code: OperationAbortedError     Description: A conflicting conditional action is currently in progress against this resource. Try again.     Error code: InternalError    Description: The service was unable to apply the provided tag to the bucket.     All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following actions are related to PutBucketTagging:    GetBucketTagging     DeleteBucketTagging
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - bucket: The Amazon Resource Name (ARN) of the bucket. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - tagging: 
    ///   - logger: Logger use during operation
    @inlinable
    public func putBucketTagging(
        accountId: String,
        bucket: String,
        tagging: Tagging,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutBucketTaggingRequest(
            accountId: accountId, 
            bucket: bucket, 
            tagging: tagging
        )
        return try await self.putBucketTagging(input, logger: logger)
    }

    ///  This operation sets the versioning state for S3 on Outposts buckets only. To set the versioning state for an S3 bucket, see PutBucketVersioning in the Amazon S3 API Reference.   Sets the versioning state for an S3 on Outposts bucket. With S3 Versioning, you can save multiple distinct copies of your objects and recover from unintended user actions and application failures. You can set the versioning state to one of the following:    Enabled - Enables versioning for the objects in the bucket. All objects added to the bucket receive a unique version ID.    Suspended - Suspends versioning for the objects in the bucket. All objects added to the bucket receive the version ID null.   If you've never set versioning on your bucket, it has no versioning state. In that case, a  GetBucketVersioning request does not return a versioning state value. When you enable S3 Versioning, for each object in your bucket, you have a current version and zero or more noncurrent versions. You can configure your bucket S3 Lifecycle rules to expire noncurrent versions after a specified time period. For more information, see  Creating and managing a lifecycle configuration for your S3 on Outposts bucket in the Amazon S3 User Guide. If you have an object expiration lifecycle configuration in your non-versioned bucket and you want to maintain the same permanent delete behavior when you enable versioning, you must add a noncurrent expiration policy. The noncurrent expiration lifecycle configuration will manage the deletes of the noncurrent object versions in the version-enabled bucket. For more information, see Versioning in the Amazon S3 User Guide. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following operations are related to PutBucketVersioning for S3 on Outposts.    GetBucketVersioning     PutBucketLifecycleConfiguration     GetBucketLifecycleConfiguration
    @Sendable
    @inlinable
    public func putBucketVersioning(_ input: PutBucketVersioningRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutBucketVersioning", 
            path: "/v20180820/bucket/{Bucket}/versioning", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation sets the versioning state for S3 on Outposts buckets only. To set the versioning state for an S3 bucket, see PutBucketVersioning in the Amazon S3 API Reference.   Sets the versioning state for an S3 on Outposts bucket. With S3 Versioning, you can save multiple distinct copies of your objects and recover from unintended user actions and application failures. You can set the versioning state to one of the following:    Enabled - Enables versioning for the objects in the bucket. All objects added to the bucket receive a unique version ID.    Suspended - Suspends versioning for the objects in the bucket. All objects added to the bucket receive the version ID null.   If you've never set versioning on your bucket, it has no versioning state. In that case, a  GetBucketVersioning request does not return a versioning state value. When you enable S3 Versioning, for each object in your bucket, you have a current version and zero or more noncurrent versions. You can configure your bucket S3 Lifecycle rules to expire noncurrent versions after a specified time period. For more information, see  Creating and managing a lifecycle configuration for your S3 on Outposts bucket in the Amazon S3 User Guide. If you have an object expiration lifecycle configuration in your non-versioned bucket and you want to maintain the same permanent delete behavior when you enable versioning, you must add a noncurrent expiration policy. The noncurrent expiration lifecycle configuration will manage the deletes of the noncurrent object versions in the version-enabled bucket. For more information, see Versioning in the Amazon S3 User Guide. All Amazon S3 on Outposts REST API requests for this action require an additional parameter of x-amz-outpost-id to be passed with the request. In addition, you must use an S3 on Outposts endpoint hostname prefix instead of s3-control. For an example of the request syntax for Amazon S3 on Outposts that uses the S3 on Outposts endpoint hostname prefix and the x-amz-outpost-id derived by using the access point ARN, see the Examples section. The following operations are related to PutBucketVersioning for S3 on Outposts.    GetBucketVersioning     PutBucketLifecycleConfiguration     GetBucketLifecycleConfiguration
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 on Outposts bucket.
    ///   - bucket: The S3 on Outposts bucket to set the versioning state for.
    ///   - mfa: The concatenation of the authentication device's serial number, a space, and the value that is displayed on your authentication device.
    ///   - versioningConfiguration: The root-level tag for the VersioningConfiguration parameters.
    ///   - logger: Logger use during operation
    @inlinable
    public func putBucketVersioning(
        accountId: String,
        bucket: String,
        mfa: String? = nil,
        versioningConfiguration: VersioningConfiguration,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutBucketVersioningRequest(
            accountId: accountId, 
            bucket: bucket, 
            mfa: mfa, 
            versioningConfiguration: versioningConfiguration
        )
        return try await self.putBucketVersioning(input, logger: logger)
    }

    /// Sets the supplied tag-set on an S3 Batch Operations job. A tag is a key-value pair. You can associate S3 Batch Operations tags with any job by sending a PUT request against the tagging subresource that is associated with the job. To modify the existing tag set, you can either replace the existing tag set entirely, or make changes within the existing tag set by retrieving the existing tag set using GetJobTagging, modify that tag set, and use this operation to replace the tag set with the one you modified. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.     If you send this request with an empty tag set, Amazon S3 deletes the existing tag set on the Batch Operations job. If you use this method, you are charged for a Tier 1 Request (PUT). For more information, see Amazon S3 pricing.   For deleting existing tags for your Batch Operations job, a DeleteJobTagging request is preferred because it achieves the same result without incurring charges.   A few things to consider about using tags:   Amazon S3 limits the maximum number of tags to 50 tags per job.   You can associate up to 50 tags with a job as long as they have unique tag keys.   A tag key can be up to 128 Unicode characters in length, and tag values can be up to 256 Unicode characters in length.   The key and values are case sensitive.   For tagging-related restrictions related to characters and encodings, see User-Defined Tag Restrictions in the Billing and Cost Management User Guide.       Permissions  To use the PutJobTagging operation, you must have permission to perform the s3:PutJobTagging action.   Related actions include:    CreateJob     GetJobTagging     DeleteJobTagging
    @Sendable
    @inlinable
    public func putJobTagging(_ input: PutJobTaggingRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> PutJobTaggingResult {
        try await self.client.execute(
            operation: "PutJobTagging", 
            path: "/v20180820/jobs/{JobId}/tagging", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Sets the supplied tag-set on an S3 Batch Operations job. A tag is a key-value pair. You can associate S3 Batch Operations tags with any job by sending a PUT request against the tagging subresource that is associated with the job. To modify the existing tag set, you can either replace the existing tag set entirely, or make changes within the existing tag set by retrieving the existing tag set using GetJobTagging, modify that tag set, and use this operation to replace the tag set with the one you modified. For more information, see Controlling access and labeling jobs using tags in the Amazon S3 User Guide.     If you send this request with an empty tag set, Amazon S3 deletes the existing tag set on the Batch Operations job. If you use this method, you are charged for a Tier 1 Request (PUT). For more information, see Amazon S3 pricing.   For deleting existing tags for your Batch Operations job, a DeleteJobTagging request is preferred because it achieves the same result without incurring charges.   A few things to consider about using tags:   Amazon S3 limits the maximum number of tags to 50 tags per job.   You can associate up to 50 tags with a job as long as they have unique tag keys.   A tag key can be up to 128 Unicode characters in length, and tag values can be up to 256 Unicode characters in length.   The key and values are case sensitive.   For tagging-related restrictions related to characters and encodings, see User-Defined Tag Restrictions in the Billing and Cost Management User Guide.       Permissions  To use the PutJobTagging operation, you must have permission to perform the s3:PutJobTagging action.   Related actions include:    CreateJob     GetJobTagging     DeleteJobTagging
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID associated with the S3 Batch Operations job.
    ///   - jobId: The ID for the S3 Batch Operations job whose tags you want to replace.
    ///   - tags: The set of tags to associate with the S3 Batch Operations job.
    ///   - logger: Logger use during operation
    @inlinable
    public func putJobTagging(
        accountId: String,
        jobId: String,
        tags: [S3Tag],
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> PutJobTaggingResult {
        let input = PutJobTaggingRequest(
            accountId: accountId, 
            jobId: jobId, 
            tags: tags
        )
        return try await self.putJobTagging(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Associates an access control policy with the specified Multi-Region Access Point. Each Multi-Region Access Point can have only one policy, so a request made to this action replaces any existing policy that is associated with the specified Multi-Region Access Point. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to PutMultiRegionAccessPointPolicy:    GetMultiRegionAccessPointPolicy     GetMultiRegionAccessPointPolicyStatus
    @Sendable
    @inlinable
    public func putMultiRegionAccessPointPolicy(_ input: PutMultiRegionAccessPointPolicyRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> PutMultiRegionAccessPointPolicyResult {
        try await self.client.execute(
            operation: "PutMultiRegionAccessPointPolicy", 
            path: "/v20180820/async-requests/mrap/put-policy", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Associates an access control policy with the specified Multi-Region Access Point. Each Multi-Region Access Point can have only one policy, so a request made to this action replaces any existing policy that is associated with the specified Multi-Region Access Point. This action will always be routed to the US West (Oregon) Region. For more information about the restrictions around working with Multi-Region Access Points, see Multi-Region Access Point restrictions and limitations in the Amazon S3 User Guide. The following actions are related to PutMultiRegionAccessPointPolicy:    GetMultiRegionAccessPointPolicy     GetMultiRegionAccessPointPolicyStatus
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - clientToken: An idempotency token used to identify the request and guarantee that requests are unique.
    ///   - details: A container element containing the details of the policy for the Multi-Region Access Point.
    ///   - logger: Logger use during operation
    @inlinable
    public func putMultiRegionAccessPointPolicy(
        accountId: String,
        clientToken: String = PutMultiRegionAccessPointPolicyRequest.idempotencyToken(),
        details: PutMultiRegionAccessPointPolicyInput,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> PutMultiRegionAccessPointPolicyResult {
        let input = PutMultiRegionAccessPointPolicyRequest(
            accountId: accountId, 
            clientToken: clientToken, 
            details: details
        )
        return try await self.putMultiRegionAccessPointPolicy(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Creates or modifies the PublicAccessBlock configuration for an Amazon Web Services account. For this operation, users must have the s3:PutAccountPublicAccessBlock permission. For more information, see  Using Amazon S3 block public access. Related actions include:    GetPublicAccessBlock     DeletePublicAccessBlock
    @Sendable
    @inlinable
    public func putPublicAccessBlock(_ input: PutPublicAccessBlockRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutPublicAccessBlock", 
            path: "/v20180820/configuration/publicAccessBlock", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Creates or modifies the PublicAccessBlock configuration for an Amazon Web Services account. For this operation, users must have the s3:PutAccountPublicAccessBlock permission. For more information, see  Using Amazon S3 block public access. Related actions include:    GetPublicAccessBlock     DeletePublicAccessBlock
    ///
    /// Parameters:
    ///   - accountId: The account ID for the Amazon Web Services account whose PublicAccessBlock configuration you want to set.
    ///   - publicAccessBlockConfiguration: The PublicAccessBlock configuration that you want to apply to the specified Amazon Web Services account.
    ///   - logger: Logger use during operation
    @inlinable
    public func putPublicAccessBlock(
        accountId: String,
        publicAccessBlockConfiguration: PublicAccessBlockConfiguration,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutPublicAccessBlockRequest(
            accountId: accountId, 
            publicAccessBlockConfiguration: publicAccessBlockConfiguration
        )
        return try await self.putPublicAccessBlock(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Puts an Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Working with Amazon S3 Storage Lens in the Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:PutStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    @Sendable
    @inlinable
    public func putStorageLensConfiguration(_ input: PutStorageLensConfigurationRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "PutStorageLensConfiguration", 
            path: "/v20180820/storagelens/{ConfigId}", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Puts an Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Working with Amazon S3 Storage Lens in the Amazon S3 User Guide. For a complete list of S3 Storage Lens metrics, see S3 Storage Lens metrics glossary in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:PutStorageLensConfiguration action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    ///
    /// Parameters:
    ///   - accountId: The account ID of the requester.
    ///   - configId: The ID of the S3 Storage Lens configuration.
    ///   - storageLensConfiguration: The S3 Storage Lens configuration.
    ///   - tags: The tag set of the S3 Storage Lens configuration.  You can set up to a maximum of 50 tags.
    ///   - logger: Logger use during operation
    @inlinable
    public func putStorageLensConfiguration(
        accountId: String,
        configId: String,
        storageLensConfiguration: StorageLensConfiguration,
        tags: [StorageLensTag]? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = PutStorageLensConfigurationRequest(
            accountId: accountId, 
            configId: configId, 
            storageLensConfiguration: storageLensConfiguration, 
            tags: tags
        )
        return try await self.putStorageLensConfiguration(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Put or replace tags on an existing Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:PutStorageLensConfigurationTagging action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    @Sendable
    @inlinable
    public func putStorageLensConfigurationTagging(_ input: PutStorageLensConfigurationTaggingRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> PutStorageLensConfigurationTaggingResult {
        try await self.client.execute(
            operation: "PutStorageLensConfigurationTagging", 
            path: "/v20180820/storagelens/{ConfigId}/tagging", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Put or replace tags on an existing Amazon S3 Storage Lens configuration. For more information about S3 Storage Lens, see Assessing your storage activity and usage with Amazon S3 Storage Lens  in the Amazon S3 User Guide.  To use this action, you must have permission to perform the s3:PutStorageLensConfigurationTagging action. For more information, see Setting permissions to use Amazon S3 Storage Lens in the Amazon S3 User Guide.
    ///
    /// Parameters:
    ///   - accountId: The account ID of the requester.
    ///   - configId: The ID of the S3 Storage Lens configuration.
    ///   - tags: The tag set of the S3 Storage Lens configuration.  You can set up to a maximum of 50 tags.
    ///   - logger: Logger use during operation
    @inlinable
    public func putStorageLensConfigurationTagging(
        accountId: String,
        configId: String,
        tags: [StorageLensTag],
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> PutStorageLensConfigurationTaggingResult {
        let input = PutStorageLensConfigurationTaggingRequest(
            accountId: accountId, 
            configId: configId, 
            tags: tags
        )
        return try await self.putStorageLensConfigurationTagging(input, logger: logger)
    }

    ///  This operation is not supported by directory buckets.  Submits an updated route configuration for a Multi-Region Access Point. This API operation updates the routing status for the specified Regions from active to passive, or from passive to active. A value of 0 indicates a passive status, which means that traffic won't be routed to the specified Region. A value of 100 indicates an active status, which means that traffic will be routed to the specified Region. At least one Region must be active at all times. When the routing configuration is changed, any in-progress operations (uploads, copies, deletes, and so on) to formerly active Regions will continue to run to their final completion state (success or failure). The routing configurations of any Regions that aren’t specified remain unchanged.  Updated routing configurations might not be immediately applied. It can take up to 2 minutes for your changes to take effect.  To submit routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five Amazon Web Services Regions:    us-east-1     us-west-2     ap-southeast-2     ap-northeast-1     eu-west-1
    @Sendable
    @inlinable
    public func submitMultiRegionAccessPointRoutes(_ input: SubmitMultiRegionAccessPointRoutesRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> SubmitMultiRegionAccessPointRoutesResult {
        try await self.client.execute(
            operation: "SubmitMultiRegionAccessPointRoutes", 
            path: "/v20180820/mrap/instances/{Mrap+}/routes", 
            httpMethod: .PATCH, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  This operation is not supported by directory buckets.  Submits an updated route configuration for a Multi-Region Access Point. This API operation updates the routing status for the specified Regions from active to passive, or from passive to active. A value of 0 indicates a passive status, which means that traffic won't be routed to the specified Region. A value of 100 indicates an active status, which means that traffic will be routed to the specified Region. At least one Region must be active at all times. When the routing configuration is changed, any in-progress operations (uploads, copies, deletes, and so on) to formerly active Regions will continue to run to their final completion state (success or failure). The routing configurations of any Regions that aren’t specified remain unchanged.  Updated routing configurations might not be immediately applied. It can take up to 2 minutes for your changes to take effect.  To submit routing control changes and failover requests, use the Amazon S3 failover control infrastructure endpoints in these five Amazon Web Services Regions:    us-east-1     us-west-2     ap-southeast-2     ap-northeast-1     eu-west-1
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - mrap: The Multi-Region Access Point ARN.
    ///   - routeUpdates: The different routes that make up the new route configuration. Active routes return a value of 100, and passive routes return a value of 0.
    ///   - logger: Logger use during operation
    @inlinable
    public func submitMultiRegionAccessPointRoutes(
        accountId: String,
        mrap: String,
        routeUpdates: [MultiRegionAccessPointRoute],
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> SubmitMultiRegionAccessPointRoutesResult {
        let input = SubmitMultiRegionAccessPointRoutesRequest(
            accountId: accountId, 
            mrap: mrap, 
            routeUpdates: routeUpdates
        )
        return try await self.submitMultiRegionAccessPointRoutes(input, logger: logger)
    }

    ///  Creates a new user-defined tag or updates an existing tag. Each tag is a label consisting of a key and value that is applied to your resource. Tags can help you organize, track costs for, and control access to your resources. You can add up to 50 Amazon Web Services resource tags for each S3 resource.   This operation is only supported for the following Amazon S3 resource:    Directory buckets     S3 Storage Lens groups     S3 Access Grants instances, registered locations, or grants.     Permissions  For Storage Lens groups and S3 Access Grants, you must have the s3:TagResource permission to use this operation.  For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups.  Directory bucket permissions  For directory buckets, you must have the s3express:TagResource permission to use this operation. For more information about directory buckets policies and permissions, see Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.  HTTP Host header syntax   Directory buckets  - The HTTP Host header syntax is s3express-control.region.amazonaws.com.   For information about S3 Tagging errors, see List of Amazon S3 Tagging error codes.
    @Sendable
    @inlinable
    public func tagResource(_ input: TagResourceRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> TagResourceResult {
        try await self.client.execute(
            operation: "TagResource", 
            path: "/v20180820/tags/{ResourceArn+}", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    ///  Creates a new user-defined tag or updates an existing tag. Each tag is a label consisting of a key and value that is applied to your resource. Tags can help you organize, track costs for, and control access to your resources. You can add up to 50 Amazon Web Services resource tags for each S3 resource.   This operation is only supported for the following Amazon S3 resource:    Directory buckets     S3 Storage Lens groups     S3 Access Grants instances, registered locations, or grants.     Permissions  For Storage Lens groups and S3 Access Grants, you must have the s3:TagResource permission to use this operation.  For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups.  Directory bucket permissions  For directory buckets, you must have the s3express:TagResource permission to use this operation. For more information about directory buckets policies and permissions, see Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.  HTTP Host header syntax   Directory buckets  - The HTTP Host header syntax is s3express-control.region.amazonaws.com.   For information about S3 Tagging errors, see List of Amazon S3 Tagging error codes.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID that created the S3 resource that you're trying to add tags to or the requester's account ID.
    ///   - resourceArn: The Amazon Resource Name (ARN) of the S3 resource that you're applying tags to. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.
    ///   - tags: The Amazon Web Services resource tags that you want to add to the specified S3 resource.
    ///   - logger: Logger use during operation
    @inlinable
    public func tagResource(
        accountId: String,
        resourceArn: String,
        tags: [Tag],
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> TagResourceResult {
        let input = TagResourceRequest(
            accountId: accountId, 
            resourceArn: resourceArn, 
            tags: tags
        )
        return try await self.tagResource(input, logger: logger)
    }

    /// This operation removes the specified user-defined tags from an S3 resource. You can pass one or more tag keys.   This operation is only supported for the following Amazon S3 resources:    Directory buckets     Storage Lens groups     S3 Access Grants instances, registered locations, and grants.     Permissions  For Storage Lens groups and S3 Access Grants, you must have the s3:UntagResource permission to use this operation.  For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups.  Directory bucket permissions  For directory buckets, you must have the s3express:UntagResource permission to use this operation. For more information about directory buckets policies and permissions, see Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.  HTTP Host header syntax   Directory buckets  - The HTTP Host header syntax is s3express-control.region.amazonaws.com.   For information about S3 Tagging errors, see List of Amazon S3 Tagging error codes.
    @Sendable
    @inlinable
    public func untagResource(_ input: UntagResourceRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> UntagResourceResult {
        try await self.client.execute(
            operation: "UntagResource", 
            path: "/v20180820/tags/{ResourceArn+}", 
            httpMethod: .DELETE, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// This operation removes the specified user-defined tags from an S3 resource. You can pass one or more tag keys.   This operation is only supported for the following Amazon S3 resources:    Directory buckets     Storage Lens groups     S3 Access Grants instances, registered locations, and grants.     Permissions  For Storage Lens groups and S3 Access Grants, you must have the s3:UntagResource permission to use this operation.  For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups.  Directory bucket permissions  For directory buckets, you must have the s3express:UntagResource permission to use this operation. For more information about directory buckets policies and permissions, see Identity and Access Management (IAM) for S3 Express One Zone in the Amazon S3 User Guide.  HTTP Host header syntax   Directory buckets  - The HTTP Host header syntax is s3express-control.region.amazonaws.com.   For information about S3 Tagging errors, see List of Amazon S3 Tagging error codes.
    ///
    /// Parameters:
    ///   - accountId:  The Amazon Web Services account ID that owns the resource that you're trying to remove the tags from.
    ///   - resourceArn: The Amazon Resource Name (ARN) of the S3 resource that you're removing tags from. The tagged resource can be a directory bucket, S3 Storage Lens group or S3 Access Grants instance, registered location, or grant.
    ///   - tagKeys:  The array of tag key-value pairs that you're trying to remove from of the S3 resource.
    ///   - logger: Logger use during operation
    @inlinable
    public func untagResource(
        accountId: String,
        resourceArn: String,
        tagKeys: [String],
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> UntagResourceResult {
        let input = UntagResourceRequest(
            accountId: accountId, 
            resourceArn: resourceArn, 
            tagKeys: tagKeys
        )
        return try await self.untagResource(input, logger: logger)
    }

    /// Updates the IAM role of a registered location in your S3 Access Grants instance.  Permissions  You must have the s3:UpdateAccessGrantsLocation permission to use this operation.   Additional Permissions  You must also have the following permission: iam:PassRole
    @Sendable
    @inlinable
    public func updateAccessGrantsLocation(_ input: UpdateAccessGrantsLocationRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> UpdateAccessGrantsLocationResult {
        try await self.client.execute(
            operation: "UpdateAccessGrantsLocation", 
            path: "/v20180820/accessgrantsinstance/location/{AccessGrantsLocationId}", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Updates the IAM role of a registered location in your S3 Access Grants instance.  Permissions  You must have the s3:UpdateAccessGrantsLocation permission to use this operation.   Additional Permissions  You must also have the following permission: iam:PassRole
    ///
    /// Parameters:
    ///   - accessGrantsLocationId: The ID of the registered location that you are updating. S3 Access Grants assigns this ID when you register the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.   The ID of the registered location to which you are granting access. S3 Access Grants assigned this ID when you registered the location. S3 Access Grants assigns the ID default to the default location s3:// and assigns an auto-generated ID to other locations that you register.   If you are passing the default location, you cannot create an access grant for the entire default location. You must also specify a bucket or a bucket and prefix in the Subprefix field.
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - iamRoleArn: The Amazon Resource Name (ARN) of the IAM role for the registered location. S3 Access Grants assumes this role to manage access to the registered location.
    ///   - logger: Logger use during operation
    @inlinable
    public func updateAccessGrantsLocation(
        accessGrantsLocationId: String,
        accountId: String,
        iamRoleArn: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> UpdateAccessGrantsLocationResult {
        let input = UpdateAccessGrantsLocationRequest(
            accessGrantsLocationId: accessGrantsLocationId, 
            accountId: accountId, 
            iamRoleArn: iamRoleArn
        )
        return try await self.updateAccessGrantsLocation(input, logger: logger)
    }

    /// Updates an existing S3 Batch Operations job's priority. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  To use the UpdateJobPriority operation, you must have permission to perform the s3:UpdateJobPriority action.   Related actions include:    CreateJob     ListJobs     DescribeJob     UpdateJobStatus
    @Sendable
    @inlinable
    public func updateJobPriority(_ input: UpdateJobPriorityRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> UpdateJobPriorityResult {
        try await self.client.execute(
            operation: "UpdateJobPriority", 
            path: "/v20180820/jobs/{JobId}/priority", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Updates an existing S3 Batch Operations job's priority. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  To use the UpdateJobPriority operation, you must have permission to perform the s3:UpdateJobPriority action.   Related actions include:    CreateJob     ListJobs     DescribeJob     UpdateJobStatus
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID associated with the S3 Batch Operations job.
    ///   - jobId: The ID for the job whose priority you want to update.
    ///   - priority: The priority you want to assign to this job.
    ///   - logger: Logger use during operation
    @inlinable
    public func updateJobPriority(
        accountId: String,
        jobId: String,
        priority: Int = 0,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> UpdateJobPriorityResult {
        let input = UpdateJobPriorityRequest(
            accountId: accountId, 
            jobId: jobId, 
            priority: priority
        )
        return try await self.updateJobPriority(input, logger: logger)
    }

    /// Updates the status for the specified job. Use this operation to confirm that you want to run a job or to cancel an existing job. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  To use the UpdateJobStatus operation, you must have permission to perform the s3:UpdateJobStatus action.   Related actions include:    CreateJob     ListJobs     DescribeJob     UpdateJobStatus
    @Sendable
    @inlinable
    public func updateJobStatus(_ input: UpdateJobStatusRequest, logger: Logger = AWSClient.loggingDisabled) async throws -> UpdateJobStatusResult {
        try await self.client.execute(
            operation: "UpdateJobStatus", 
            path: "/v20180820/jobs/{JobId}/status", 
            httpMethod: .POST, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Updates the status for the specified job. Use this operation to confirm that you want to run a job or to cancel an existing job. For more information, see S3 Batch Operations in the Amazon S3 User Guide.  Permissions  To use the UpdateJobStatus operation, you must have permission to perform the s3:UpdateJobStatus action.   Related actions include:    CreateJob     ListJobs     DescribeJob     UpdateJobStatus
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID associated with the S3 Batch Operations job.
    ///   - jobId: The ID of the job whose status you want to update.
    ///   - requestedJobStatus: The status that you want to move the specified job to.
    ///   - statusUpdateReason: A description of the reason why you want to change the specified job's status. This field can be any string up to the maximum length.
    ///   - logger: Logger use during operation
    @inlinable
    public func updateJobStatus(
        accountId: String,
        jobId: String,
        requestedJobStatus: RequestedJobStatus,
        statusUpdateReason: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws -> UpdateJobStatusResult {
        let input = UpdateJobStatusRequest(
            accountId: accountId, 
            jobId: jobId, 
            requestedJobStatus: requestedJobStatus, 
            statusUpdateReason: statusUpdateReason
        )
        return try await self.updateJobStatus(input, logger: logger)
    }

    /// Updates the existing Storage Lens group. To use this operation, you must have the permission to perform the s3:UpdateStorageLensGroup action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    @Sendable
    @inlinable
    public func updateStorageLensGroup(_ input: UpdateStorageLensGroupRequest, logger: Logger = AWSClient.loggingDisabled) async throws {
        try await self.client.execute(
            operation: "UpdateStorageLensGroup", 
            path: "/v20180820/storagelensgroup/{Name}", 
            httpMethod: .PUT, 
            serviceConfig: self.config, 
            input: input, 
            hostPrefix: "{AccountId}.", 
            logger: logger
        )
    }
    /// Updates the existing Storage Lens group. To use this operation, you must have the permission to perform the s3:UpdateStorageLensGroup action. For more information about the required Storage Lens Groups permissions, see Setting account permissions to use S3 Storage Lens groups. For information about Storage Lens groups errors, see List of Amazon S3 Storage Lens error codes.
    ///
    /// Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Storage Lens group owner.
    ///   - name: The name of the Storage Lens group that you want to update.
    ///   - storageLensGroup: The JSON file that contains the Storage Lens group configuration.
    ///   - logger: Logger use during operation
    @inlinable
    public func updateStorageLensGroup(
        accountId: String,
        name: String,
        storageLensGroup: StorageLensGroup,
        logger: Logger = AWSClient.loggingDisabled        
    ) async throws {
        let input = UpdateStorageLensGroupRequest(
            accountId: accountId, 
            name: name, 
            storageLensGroup: storageLensGroup
        )
        return try await self.updateStorageLensGroup(input, logger: logger)
    }
}

extension S3Control {
    /// Initializer required by `AWSService.with(middlewares:timeout:byteBufferAllocator:options)`. You are not able to use this initializer directly as there are not public
    /// initializers for `AWSServiceConfig.Patch`. Please use `AWSService.with(middlewares:timeout:byteBufferAllocator:options)` instead.
    public init(from: S3Control, patch: AWSServiceConfig.Patch) {
        self.client = from.client
        self.config = from.config.with(patch: patch)
    }
}

// MARK: Paginators

@available(macOS 10.15, iOS 13.0, tvOS 13.0, watchOS 6.0, *)
extension S3Control {
    /// Return PaginatorSequence for operation ``listAccessGrants(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessGrantsPaginator(
        _ input: ListAccessGrantsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListAccessGrantsRequest, ListAccessGrantsResult> {
        return .init(
            input: input,
            command: self.listAccessGrants,
            inputKey: \ListAccessGrantsRequest.nextToken,
            outputKey: \ListAccessGrantsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listAccessGrants(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - applicationArn: The Amazon Resource Name (ARN) of an Amazon Web Services IAM Identity Center application associated with your Identity Center instance. If the grant includes an application ARN, the grantee can only access the S3 data through this application.
    ///   - granteeIdentifier: The unique identifer of the Grantee. If the grantee type is IAM, the identifier is the IAM Amazon Resource Name (ARN) of the user or role. If the grantee type is a directory user or group, the identifier is 128-bit universally unique identifier (UUID) in the format a1b2c3d4-5678-90ab-cdef-EXAMPLE11111. You can obtain this UUID from your Amazon Web Services IAM Identity Center instance.
    ///   - granteeType: The type of the grantee to which access has been granted. It can be one of the following values:    IAM - An IAM user or role.    DIRECTORY_USER - Your corporate directory user. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.    DIRECTORY_GROUP - Your corporate directory group. You can use this option if you have added your corporate identity directory to IAM Identity Center and associated the IAM Identity Center instance with your S3 Access Grants instance.
    ///   - grantScope: The S3 path of the data to which you are granting access. It is the result of appending the Subprefix to the location scope.
    ///   - maxResults: The maximum number of access grants that you would like returned in the List Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
    ///   - permission: The type of permission granted to your S3 data, which can be set to one of the following values:    READ – Grant read-only access to the S3 data.    WRITE – Grant write-only access to the S3 data.    READWRITE – Grant both read and write access to the S3 data.
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessGrantsPaginator(
        accountId: String,
        applicationArn: String? = nil,
        granteeIdentifier: String? = nil,
        granteeType: GranteeType? = nil,
        grantScope: String? = nil,
        maxResults: Int? = nil,
        permission: Permission? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListAccessGrantsRequest, ListAccessGrantsResult> {
        let input = ListAccessGrantsRequest(
            accountId: accountId, 
            applicationArn: applicationArn, 
            granteeIdentifier: granteeIdentifier, 
            granteeType: granteeType, 
            grantScope: grantScope, 
            maxResults: maxResults, 
            permission: permission
        )
        return self.listAccessGrantsPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listAccessGrantsInstances(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessGrantsInstancesPaginator(
        _ input: ListAccessGrantsInstancesRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListAccessGrantsInstancesRequest, ListAccessGrantsInstancesResult> {
        return .init(
            input: input,
            command: self.listAccessGrantsInstances,
            inputKey: \ListAccessGrantsInstancesRequest.nextToken,
            outputKey: \ListAccessGrantsInstancesResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listAccessGrantsInstances(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - maxResults: The maximum number of access grants that you would like returned in the List Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessGrantsInstancesPaginator(
        accountId: String,
        maxResults: Int? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListAccessGrantsInstancesRequest, ListAccessGrantsInstancesResult> {
        let input = ListAccessGrantsInstancesRequest(
            accountId: accountId, 
            maxResults: maxResults
        )
        return self.listAccessGrantsInstancesPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listAccessGrantsLocations(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessGrantsLocationsPaginator(
        _ input: ListAccessGrantsLocationsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListAccessGrantsLocationsRequest, ListAccessGrantsLocationsResult> {
        return .init(
            input: input,
            command: self.listAccessGrantsLocations,
            inputKey: \ListAccessGrantsLocationsRequest.nextToken,
            outputKey: \ListAccessGrantsLocationsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listAccessGrantsLocations(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - locationScope: The S3 path to the location that you are registering. The location scope can be the default S3 location s3://, the S3 path to a bucket s3://, or the S3 path to a bucket and prefix s3:///. A prefix in S3 is a string of characters at the beginning of an object key name used to organize the objects that you store in your S3 buckets. For example, object key names that start with the engineering/ prefix or object key names that start with the marketing/campaigns/ prefix.
    ///   - maxResults: The maximum number of access grants that you would like returned in the List Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessGrantsLocationsPaginator(
        accountId: String,
        locationScope: String? = nil,
        maxResults: Int? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListAccessGrantsLocationsRequest, ListAccessGrantsLocationsResult> {
        let input = ListAccessGrantsLocationsRequest(
            accountId: accountId, 
            locationScope: locationScope, 
            maxResults: maxResults
        )
        return self.listAccessGrantsLocationsPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listAccessPoints(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessPointsPaginator(
        _ input: ListAccessPointsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListAccessPointsRequest, ListAccessPointsResult> {
        return .init(
            input: input,
            command: self.listAccessPoints,
            inputKey: \ListAccessPointsRequest.nextToken,
            outputKey: \ListAccessPointsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listAccessPoints(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The Amazon Web Services account ID for the account that owns the specified access points.
    ///   - bucket: The name of the bucket whose associated access points you want to list. For using this parameter with Amazon S3 on Outposts with the REST API, you must specify the name and the x-amz-outpost-id as well. For using this parameter with S3 on Outposts with the Amazon Web Services SDK and CLI, you must  specify the ARN of the bucket accessed in the format arn:aws:s3-outposts:::outpost//bucket/. For example, to access the bucket reports through Outpost my-outpost owned by account 123456789012 in Region us-west-2, use the URL encoding of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/bucket/reports. The value must be URL encoded.
    ///   - dataSourceId: The unique identifier for the data source of the access point.
    ///   - dataSourceType: The type of the data source that the access point is attached to. Returns only access points attached to S3 buckets by default. To return all access points specify DataSourceType as ALL.
    ///   - maxResults: The maximum number of access points that you want to include in the list. If the specified bucket has more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessPointsPaginator(
        accountId: String,
        bucket: String? = nil,
        dataSourceId: String? = nil,
        dataSourceType: String? = nil,
        maxResults: Int? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListAccessPointsRequest, ListAccessPointsResult> {
        let input = ListAccessPointsRequest(
            accountId: accountId, 
            bucket: bucket, 
            dataSourceId: dataSourceId, 
            dataSourceType: dataSourceType, 
            maxResults: maxResults
        )
        return self.listAccessPointsPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listAccessPointsForDirectoryBuckets(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessPointsForDirectoryBucketsPaginator(
        _ input: ListAccessPointsForDirectoryBucketsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListAccessPointsForDirectoryBucketsRequest, ListAccessPointsForDirectoryBucketsResult> {
        return .init(
            input: input,
            command: self.listAccessPointsForDirectoryBuckets,
            inputKey: \ListAccessPointsForDirectoryBucketsRequest.nextToken,
            outputKey: \ListAccessPointsForDirectoryBucketsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listAccessPointsForDirectoryBuckets(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The Amazon Web Services account ID that owns the access points.
    ///   - directoryBucket: The name of the directory bucket associated with the access points you want to list.
    ///   - maxResults: The maximum number of access points that you would like returned in the ListAccessPointsForDirectoryBuckets response. If the directory bucket is associated with more than this number of access points, the results include the pagination token NextToken. Make another call using the NextToken to retrieve more results.
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessPointsForDirectoryBucketsPaginator(
        accountId: String,
        directoryBucket: String? = nil,
        maxResults: Int? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListAccessPointsForDirectoryBucketsRequest, ListAccessPointsForDirectoryBucketsResult> {
        let input = ListAccessPointsForDirectoryBucketsRequest(
            accountId: accountId, 
            directoryBucket: directoryBucket, 
            maxResults: maxResults
        )
        return self.listAccessPointsForDirectoryBucketsPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listAccessPointsForObjectLambda(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessPointsForObjectLambdaPaginator(
        _ input: ListAccessPointsForObjectLambdaRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListAccessPointsForObjectLambdaRequest, ListAccessPointsForObjectLambdaResult> {
        return .init(
            input: input,
            command: self.listAccessPointsForObjectLambda,
            inputKey: \ListAccessPointsForObjectLambdaRequest.nextToken,
            outputKey: \ListAccessPointsForObjectLambdaResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listAccessPointsForObjectLambda(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The account ID for the account that owns the specified Object Lambda Access Point.
    ///   - maxResults: The maximum number of access points that you want to include in the list. The response may contain fewer access points but will never contain more. If there are more than this number of access points, then the response will include a continuation token in the NextToken field that you can use to retrieve the next page of access points.
    ///   - logger: Logger used for logging
    @inlinable
    public func listAccessPointsForObjectLambdaPaginator(
        accountId: String,
        maxResults: Int? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListAccessPointsForObjectLambdaRequest, ListAccessPointsForObjectLambdaResult> {
        let input = ListAccessPointsForObjectLambdaRequest(
            accountId: accountId, 
            maxResults: maxResults
        )
        return self.listAccessPointsForObjectLambdaPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listCallerAccessGrants(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listCallerAccessGrantsPaginator(
        _ input: ListCallerAccessGrantsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListCallerAccessGrantsRequest, ListCallerAccessGrantsResult> {
        return .init(
            input: input,
            command: self.listCallerAccessGrants,
            inputKey: \ListCallerAccessGrantsRequest.nextToken,
            outputKey: \ListCallerAccessGrantsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listCallerAccessGrants(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The Amazon Web Services account ID of the S3 Access Grants instance.
    ///   - allowedByApplication: If this optional parameter is passed in the request, a filter is applied to the results. The results will include only the access grants for the caller's Identity Center application or for any other applications (ALL).
    ///   - grantScope: The S3 path of the data that you would like to access. Must start with s3://. You can optionally pass only the beginning characters of a path, and S3 Access Grants will search for all applicable grants for the path fragment.
    ///   - maxResults: The maximum number of access grants that you would like returned in the List Caller Access Grants response. If the results include the pagination token NextToken, make another call using the NextToken to determine if there are more results.
    ///   - logger: Logger used for logging
    @inlinable
    public func listCallerAccessGrantsPaginator(
        accountId: String,
        allowedByApplication: Bool? = nil,
        grantScope: String? = nil,
        maxResults: Int? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListCallerAccessGrantsRequest, ListCallerAccessGrantsResult> {
        let input = ListCallerAccessGrantsRequest(
            accountId: accountId, 
            allowedByApplication: allowedByApplication, 
            grantScope: grantScope, 
            maxResults: maxResults
        )
        return self.listCallerAccessGrantsPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listJobs(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listJobsPaginator(
        _ input: ListJobsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListJobsRequest, ListJobsResult> {
        return .init(
            input: input,
            command: self.listJobs,
            inputKey: \ListJobsRequest.nextToken,
            outputKey: \ListJobsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listJobs(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The Amazon Web Services account ID associated with the S3 Batch Operations job.
    ///   - jobStatuses: The List Jobs request returns jobs that match the statuses listed in this element.
    ///   - maxResults: The maximum number of jobs that Amazon S3 will include in the List Jobs response. If there are more jobs than this number, the response will include a pagination token in the NextToken field to enable you to retrieve the next page of results.
    ///   - logger: Logger used for logging
    @inlinable
    public func listJobsPaginator(
        accountId: String,
        jobStatuses: [JobStatus]? = nil,
        maxResults: Int? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListJobsRequest, ListJobsResult> {
        let input = ListJobsRequest(
            accountId: accountId, 
            jobStatuses: jobStatuses, 
            maxResults: maxResults
        )
        return self.listJobsPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listMultiRegionAccessPoints(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listMultiRegionAccessPointsPaginator(
        _ input: ListMultiRegionAccessPointsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListMultiRegionAccessPointsRequest, ListMultiRegionAccessPointsResult> {
        return .init(
            input: input,
            command: self.listMultiRegionAccessPoints,
            inputKey: \ListMultiRegionAccessPointsRequest.nextToken,
            outputKey: \ListMultiRegionAccessPointsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listMultiRegionAccessPoints(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The Amazon Web Services account ID for the owner of the Multi-Region Access Point.
    ///   - maxResults: Not currently used. Do not use this parameter.
    ///   - logger: Logger used for logging
    @inlinable
    public func listMultiRegionAccessPointsPaginator(
        accountId: String,
        maxResults: Int? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListMultiRegionAccessPointsRequest, ListMultiRegionAccessPointsResult> {
        let input = ListMultiRegionAccessPointsRequest(
            accountId: accountId, 
            maxResults: maxResults
        )
        return self.listMultiRegionAccessPointsPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listRegionalBuckets(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listRegionalBucketsPaginator(
        _ input: ListRegionalBucketsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListRegionalBucketsRequest, ListRegionalBucketsResult> {
        return .init(
            input: input,
            command: self.listRegionalBuckets,
            inputKey: \ListRegionalBucketsRequest.nextToken,
            outputKey: \ListRegionalBucketsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listRegionalBuckets(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The Amazon Web Services account ID of the Outposts bucket.
    ///   - maxResults: 
    ///   - outpostId: The ID of the Outposts resource.  This ID is required by Amazon S3 on Outposts buckets.
    ///   - logger: Logger used for logging
    @inlinable
    public func listRegionalBucketsPaginator(
        accountId: String,
        maxResults: Int? = nil,
        outpostId: String? = nil,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListRegionalBucketsRequest, ListRegionalBucketsResult> {
        let input = ListRegionalBucketsRequest(
            accountId: accountId, 
            maxResults: maxResults, 
            outpostId: outpostId
        )
        return self.listRegionalBucketsPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listStorageLensConfigurations(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listStorageLensConfigurationsPaginator(
        _ input: ListStorageLensConfigurationsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListStorageLensConfigurationsRequest, ListStorageLensConfigurationsResult> {
        return .init(
            input: input,
            command: self.listStorageLensConfigurations,
            inputKey: \ListStorageLensConfigurationsRequest.nextToken,
            outputKey: \ListStorageLensConfigurationsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listStorageLensConfigurations(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId: The account ID of the requester.
    ///   - logger: Logger used for logging
    @inlinable
    public func listStorageLensConfigurationsPaginator(
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListStorageLensConfigurationsRequest, ListStorageLensConfigurationsResult> {
        let input = ListStorageLensConfigurationsRequest(
            accountId: accountId
        )
        return self.listStorageLensConfigurationsPaginator(input, logger: logger)
    }

    /// Return PaginatorSequence for operation ``listStorageLensGroups(_:logger:)``.
    ///
    /// - Parameters:
    ///   - input: Input for operation
    ///   - logger: Logger used for logging
    @inlinable
    public func listStorageLensGroupsPaginator(
        _ input: ListStorageLensGroupsRequest,
        logger: Logger = AWSClient.loggingDisabled
    ) -> AWSClient.PaginatorSequence<ListStorageLensGroupsRequest, ListStorageLensGroupsResult> {
        return .init(
            input: input,
            command: self.listStorageLensGroups,
            inputKey: \ListStorageLensGroupsRequest.nextToken,
            outputKey: \ListStorageLensGroupsResult.nextToken,
            logger: logger
        )
    }
    /// Return PaginatorSequence for operation ``listStorageLensGroups(_:logger:)``.
    ///
    /// - Parameters:
    ///   - accountId:  The Amazon Web Services account ID that owns the Storage Lens groups.
    ///   - logger: Logger used for logging
    @inlinable
    public func listStorageLensGroupsPaginator(
        accountId: String,
        logger: Logger = AWSClient.loggingDisabled        
    ) -> AWSClient.PaginatorSequence<ListStorageLensGroupsRequest, ListStorageLensGroupsResult> {
        let input = ListStorageLensGroupsRequest(
            accountId: accountId
        )
        return self.listStorageLensGroupsPaginator(input, logger: logger)
    }
}

extension S3Control.ListAccessGrantsInstancesRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListAccessGrantsInstancesRequest {
        return .init(
            accountId: self.accountId,
            maxResults: self.maxResults,
            nextToken: token
        )
    }
}

extension S3Control.ListAccessGrantsLocationsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListAccessGrantsLocationsRequest {
        return .init(
            accountId: self.accountId,
            locationScope: self.locationScope,
            maxResults: self.maxResults,
            nextToken: token
        )
    }
}

extension S3Control.ListAccessGrantsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListAccessGrantsRequest {
        return .init(
            accountId: self.accountId,
            applicationArn: self.applicationArn,
            granteeIdentifier: self.granteeIdentifier,
            granteeType: self.granteeType,
            grantScope: self.grantScope,
            maxResults: self.maxResults,
            nextToken: token,
            permission: self.permission
        )
    }
}

extension S3Control.ListAccessPointsForDirectoryBucketsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListAccessPointsForDirectoryBucketsRequest {
        return .init(
            accountId: self.accountId,
            directoryBucket: self.directoryBucket,
            maxResults: self.maxResults,
            nextToken: token
        )
    }
}

extension S3Control.ListAccessPointsForObjectLambdaRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListAccessPointsForObjectLambdaRequest {
        return .init(
            accountId: self.accountId,
            maxResults: self.maxResults,
            nextToken: token
        )
    }
}

extension S3Control.ListAccessPointsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListAccessPointsRequest {
        return .init(
            accountId: self.accountId,
            bucket: self.bucket,
            dataSourceId: self.dataSourceId,
            dataSourceType: self.dataSourceType,
            maxResults: self.maxResults,
            nextToken: token
        )
    }
}

extension S3Control.ListCallerAccessGrantsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListCallerAccessGrantsRequest {
        return .init(
            accountId: self.accountId,
            allowedByApplication: self.allowedByApplication,
            grantScope: self.grantScope,
            maxResults: self.maxResults,
            nextToken: token
        )
    }
}

extension S3Control.ListJobsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListJobsRequest {
        return .init(
            accountId: self.accountId,
            jobStatuses: self.jobStatuses,
            maxResults: self.maxResults,
            nextToken: token
        )
    }
}

extension S3Control.ListMultiRegionAccessPointsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListMultiRegionAccessPointsRequest {
        return .init(
            accountId: self.accountId,
            maxResults: self.maxResults,
            nextToken: token
        )
    }
}

extension S3Control.ListRegionalBucketsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListRegionalBucketsRequest {
        return .init(
            accountId: self.accountId,
            maxResults: self.maxResults,
            nextToken: token,
            outpostId: self.outpostId
        )
    }
}

extension S3Control.ListStorageLensConfigurationsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListStorageLensConfigurationsRequest {
        return .init(
            accountId: self.accountId,
            nextToken: token
        )
    }
}

extension S3Control.ListStorageLensGroupsRequest: AWSPaginateToken {
    @inlinable
    public func usingPaginationToken(_ token: String) -> S3Control.ListStorageLensGroupsRequest {
        return .init(
            accountId: self.accountId,
            nextToken: token
        )
    }
}
